Talks

I prefer organizing conferences, but every so often I’ll write a talk if the topic feels unexplored enough.

• Securing a Security Company
• Put a Yubikey On It

Tools

Some things I’ve made mostly for work but also play:

• Authkeys - An LDAP authorizedKeysCommand provider (blog post)
• Deputize - Manages your on-call’s access to resources, automatically (blog post)
• gelfbeat - Takes in UDP-based GELF formatted UDP traffic and packages it up into the beats format
• mrmanager - Takes dynamic credentials from Vault and puts them into the right place on disk
• onair - Controls an IP light when you’re on a video or audio call
• pipefitter - Manages IP target groups in multiple regions and VPC Endpoint Principal Allowlists
• Trash Taxi - Terminates instances that people have run manual commands on (blog post, website)
• ts - a CLI tool for the Threat Stack API
• VPNNotify - Sends you a slack DM when you start an OpenVPN session (blog post)

Community Stuff

• SRECon Americas PC member 2022-2025
• Reviewed a few publications you might have read, such as:
  • Zero Trust Networks - Barth/Gilman (O’Reilly, 1st Edition)
  • Seeking SRE - Blank-Edelman (O’Reilly)
  • Systems Performance - Gregg (Pearson, 2nd Edition)
• Presented Trash Taxi at Blackhat Arsenal in 2019
• Also presented at MIT Lincoln Laboratory’s Understanding Mission Driven Resiliency workshop
• I became a regular organizer of USENIX’s Large Installation System Administration (LISA) conference between 2012 and its end in 2021
  • Program Committee member in 2012 and 2013
  • Invited Talks Co-Chair in 2014, 2016, and 2017
  • Presented the last paper (Spyglass) at LISA 2015
  • Gave my “Securing a Security Company” talk at LISA 2018 and was a last minute addition to a DevSecOps panel. You can find it if you want, but it’s my least favorite version of the talk since I had food poisoning that morning
  • Chaired the last in-person LISA (2019) in Portland, Oregon