Dave Lewis

Dave Lewis has over 20 years industry experience. He has extensive experience in IT operations and management. Currently, Dave is a global security advocate for Akamai Technologies . He is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast. Dave also serves on the (ISC)2 Board of Directors. Prior to his current role, Dave worked in the finance, healthcare, entertainment, manufacturing and critical infrastructure verticals. He has worked for a defense contractor as a security consultant to clients such as the FBI, US Navy, Social Security Administration, US Postal Service and the US Department of Defense to name a few. When not at work Dave can be found spending time with his family, playing bass guitar and polishing his “brick of enlightenment”.

RSA 2017: what are you trying to solve?

RSA 2017 notes: privileged accounts and blunders

RSA 2017 notes: privileged accounts and blunders

Privileged accounts are a necessary evil for a lot of organizations. These accounts allow for users to be able to do work that, in some cases, lead to unfortunate results if misused. But, how many organizations do a good job at...

Notes from RSA 2017

Notes from RSA 2017

Every year San Francisco plays host to a massive show in the guise of the RSA Security Conference. The city becomes awash in a sea of interlopers wandering about the streets adjacent to the Moscone Center with their name badges...

Wordpress 0-day content injection vulnerability

Wordpress 0-day content injection vulnerability

Today news broke of a particularly nasty zero day vulnerability in the Wordpress REST API. The vulnerability in this case would allow for content injection as well as privilege escalation. This vulnerability would an...

System agent bloat: too many slices

System agent bloat: too many slices

Many years ago, in simpler times, I was responsible for the security program that included the controls which protected (in theory) against malicious files and programs that were hell bent on causing mischief. We had agents on our...

5 Canadian security conferences in 2017

5 Canadian security conferences in 2017

As every year I find myself working through the list of upcoming conferences around the world. One thing that I’ve always been pleased about is the rich variety that is available right across Canada throughout the year. I’m going...

All through the house, not a hacker was stirring...

All through the house, not a hacker was stirring...

The holiday season is a time to spin down and relax for many people. Where we hang up our spurs, or rather, we tuck the carry-on suitcase into a corner at least five feet away from the door. But, as with every holiday season we...

War stories: escalation attack loopback

War stories: escalation attack loopback

Last month I shared some stories about events that I’ve had to contend with over the last 20 years. One incident that I recall was a particular individual who thought that only scanning up to port 1023 was the only proper way to...

War stories: diary of a box hugger

War stories: diary of a box hugger

After years in the information security space there are few things that get me misty eyed like a massive data center. In part because it gives me a chance to reminisce about the good old days. Hundreds of hours sitting cross...

War stories: for your eyes only

War stories: for your eyes only

There are few things that make for as amusing reading as an acceptable use policy. In some organizations that I’ve been through, it was clear that no one had ever read their unicorn-esque like policy document. Some of the...

War stories: just shut off telnet

War stories: just shut off telnet

Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties that was stamped as verified by a third party intermediary. Pretty basic stuff but, in the 90s it was...

War stories: Logs are where the dead things dwell

War stories: Logs are where the dead things dwell

Over the years there has been one love hate relationship that I could never truly get away from entirely. That was logging on systems and anything else that had something to say. I got so silly that at one point when I was doing...

Load More