Profile

Cover photo
ANTHONY M. FREED
Works at Tripwire, Inc.
731 followers|72,841 views
AboutPostsPhotosYouTube+1's

Stream

ANTHONY M. FREED

Shared publicly  - 
 
I’ve been part of a lot of discussions about big data and its role in security. What is interesting to me is how much hope people have for big data being the savior of the security world. I don’t believe that’s going to happen anytime soon. Why not? Let’s take a look at big data …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
Turns out some servers with Supermicro motherboards have hard-coded, plain-text passwords that can be accessed by remote, unauthenticated attackers. There is a firmware update available to remediate the issue, however over 30,000 servers remain at risk. Just how serious is this security flaw? Listen to episode 157 of our security slice podcast and hear Craig Young and Tyler …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
In the first installment of this series, we provided a general overview of continuous security monitoring, and the next article explained how CSM can help your organization react better to threats. The third article discussed the challenges regarding full visibility into your environment, the fourth article looked at classifying your network assets, and the fifth …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
As if securing an enterprise from the never-ending deluge of malware wasn’t enough to keep security professionals busy, there’s an increasingly urgent need to do more to show that you have your act together. This means demonstrating your state of security, or at least your robust posture, to the many stakeholders of an enterprise, including …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
The P.F. Chang’s compromise is part of a string of high profile credit card breaches, however their response to this breach is very different from other victims. The restaurant chain is now using a manual credit card imprinting system in all its continental United States locations to process credit cards. Will carbon copies protect P.F. …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
The other week, after OpenSSL released their latest security advisory, I went to work creating an ASPL check to heuristically identify servers which may be vulnerable to the man-in-the-middle attack described in CVE-2014-0224. After that was done, I decided to create a secondary Python script for free distribution through the Tripwire web site. The response …… Read More
1
Add a comment...
Have him in circles
731 people
Carl Pruitt's profile photo
Ian Philpot's profile photo
Guy Vancollie's profile photo

ANTHONY M. FREED

Shared publicly  - 
 
With the August 5th & 6th show fast approaching, we are continuing our series highlighting some of the informative presentations that are scheduled to take place at Security BSides Las Vegas. For those who don’t already know, Security BSides events are organized by-and-for the security community, and attracts some of the most innovative security practitioners from …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
This is an extremely critical vulnerability (see VERT advisory with vulnerability detection info here). The affected server component is the baseboard management controller or BMC. These BMCs are essentially a computer running in the same chassis as your server providing out of band access. An attacker with control over an affected system can view and …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
A new Safari feature in iOS 8 allows users to scan their physical credit and debit cards with their device’s camera using optical character recognition. This allows users to shop on their iPhones and iPads with ease, but some are worried about potential abuses. Is it a good idea for consumers to scan their credit …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
The countdown to Security BSides Las Vegas continues, with the August 5th & 6th show fast approaching, and so we are also continuing our series highlighting a few of the many informative presentations that scheduled to take place at this fifth anniversary event. Security BSides events are organized by-and-for the security community, and attracts some of …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
You can’t turn a television on today without seeing one of the nations’ most beloved insurance icons “Flo” from Progressive insurance. We enjoy her whimsical plays on how to get the best price for an insurance policy, but I wonder at what point will these commercials hype “cyber”? On June 3rd, 2014, Tripwire’s The State …… Read More
1
Add a comment...

ANTHONY M. FREED

Shared publicly  - 
 
“Every single one of us encounter con-men in some form or fashion in our lives, perhaps even on a daily basis. Whether it be a pushy sales person or a straight up grifter, many people are after your money and information,” Rosario said. “This talk is aimed towards the fundamentals of conning people out of their assets."
Security BSides Las Vegas is slated for August 5th & 6th, and in the run-up to this fifth anniversary of the epic event, we are spotlighting some of the really cool presentations that scheduled to take place. Don’t forget that there is no registration for this year’s show, and passes will be provided on a …… Read More
4
2
Matthew J. Harmon's profile photoNicodemus Pharisee's profile photo
Add a comment...
People
Have him in circles
731 people
Carl Pruitt's profile photo
Ian Philpot's profile photo
Guy Vancollie's profile photo
Work
Employment
  • Tripwire, Inc.
    Community Engagement & Social Media Coordinator, present
  • Freelance Security Writer
    2008 - 2013
  • Infosec Island
    Managing Editor, 2010 - 2012
Links
Contributor to
Story
Tagline
Always looking for the next security story - send me your tips...
Introduction

Anthony M. Freed is the Managing editor for Tripwire Inc.'s The State of Security, and has a passion for translating security techno-babble into the language of enterprise risk abatement for the business class.

Tripwire’s IT security software reduces risk, ensures systems and data security, and automates regulatory compliance. Tripwire offerings solve the security configuration management, continuous monitoring, and incident detection problems facing organizations of all sizes, as stand-alone solutions or in concert with other IT security controls.

Anthony is an infosec journalist who authored numerous feature articles, interviews and investigative reports which have been sourced and cited by dozens of major media outlets, including The New York Times, Reuters, The Register, Financial Times of London, MSNBC, Fox News, PC/IT/Computer/Tech World, eWeek, SC Magazine, CSO Magazine, Federal News Radio, The Herald-Tribune, Naked Security, and many more.

Basic Information
Gender
Male
ANTHONY M. FREED's +1's are the things they like, agree with, or want to recommend.
Let Me Tell You Some Akamai Security Stories - The Akamai Blog
blogs.akamai.com

I'm a journalist by trade, with two decades of newspaper reporting and editing behind me. I've spent the last decade writing about informati

SCM: System Hardening... Made Easy
www.slideshare.net

System Hardening is the act of reducing the attack surface in information systems and minimizing their vulnerabilities in accordance with: R

nCircle
plus.google.com

nCircle is the leading provider of automated security and compliance auditing solutions

Metricon 8 - This Con Was a Bit Different...
www.tripwire.com

Well, Metricon 8 came and went along with RSA. This con was a bit different - not even a conference, but a working session. Pete Lindstrom (

RSA Conference Attendees Respond: "If I Were a CISO..."
www.tripwire.com

At the RSA Conference, we asked attendees to share with us what they would happen if they became a chief information security officer (CISO)

RSA 2013 Finale: It's Really All About the People
www.tripwire.com

RSAC 2013 has finally come to an end. All in all, if you can look beyond the hype and rampant commercialism that is the trademark of this, t

Techniques to Instill Confidence in Security
www.tripwire.com

Here are two ugly realities about security: Everyone is concerned with their level of security. 100% security is an impossibility. If you ca

What Would You Do If You Became CISO?
www.tripwire.com

It’s good to be the king…or is it? The Chief Information Security Officer or CISO is a position to strive for, avoid, and run away from if y

Security BSidesSF Goes Above and Beyond
www.tripwire.com

For those of you who were lucky enough to be at Security BSides San Francisco 2013, you already know what we know - the event went off witho

RSA Conference
plus.google.com

#rsac, #security, #cybersecurity, #bigdata, #networking

The Convergence of DevOps and Security
www.tripwire.com

Next week is the big RSA Conference in the US (San Francisco), and I'm really looking forward to leading a panel discussion on "Making Rugge

Security Visualization: AfterGlow Cloud
www.tripwire.com

One of the leading thinkers in the realm of security visualization is Raffael Marty, he literally wrote the book on the topic.“Applied Secur

20 Critical Security Controls: Control 4 - Continuous Vulnerability Asse...
www.tripwire.com

Today's post is all about Control 4 of the CSIS 20 Critical Security Controls - Continuous Vulnerability Assessment and Remediation (the las

Beyond the PCI Checkbox. Customer Success Story.
www.tripwire.com

We have many customers who originally have bought Tripwire to comply with a PCI audit. However, we have found that when our Professional Ser

U.S. to friend and foe: Come visit our network flea market!
blogs.csoonline.com

Is it sad that a lot of us find humor and indifference in just how easy it is to rummage through the government's computer networks? Per

Announcement from Infosec Island Members: TakeDownCon: Special Discounts...
www.linkedin.com

Special Training Promotion for Infosec Island Members Sign up for any of the trainings, and enjoy the following: 1. 15

Infosec Island - Apps on Android Market
market.android.com

Infosec Island is the premier resource for all IT and Information Security-related news, articles and commentary. Join the largest IT Securi

First documented case of cyber espionage? - Forbes
www.forbes.com

There have been so many examples of cyber espionage that it is now the norm to just accept that it is rampant.  MI5 in the UK, the German Ch