For thoughts greater than 280 characters.


along with writing, conference-y and other community things.

Over the years I’ve written and talked about the stuff I work on. I tried to catalog some of that here and give credit when I worked with others; hopefully I didn’t forget anyone. There are a few other projects scattered in here as well.

Also, once upon a time I worked at a research lab and helped some super smart folks do some super cool research. You can find that kind of work over on Google Scholar.

2019-10-28: Usenix LISA19 Program Co-Chair - LISA has been around for a long time - about 31 years. Is System Administration relevant in 2019? Sure is - we just call it a bunch of different things now. I’ll be working with Mike Rembetsy to build a systems conference worthy of the 💯 emoji.

2019-03-18: MIT Lincoln Laboratory had a workshop on Understanding Mission Driven Resiliency. This was a day-long workshop to bring government officials and industry folks together to chat about resiliency in the context of cybersecurity, and the barriers that exist at the government level that contribute to brittle systems as delivered. The workshop also touched on some geopolitical factors, which was interesting as well.

2019-03-13: Threat Stack, CHAOSSEARCH and Logz.io had an evening meetup and once again I did the Securing a Security Company talk. This was a well run event and Sarah Wills, Pete Cheslock, and Quintessance Anx (listed by org) did a nice job of putting it all together.

2018-10-29: At LISA18 I did my Securing a Security Company talk, and was on a last minute panel about DevSecOps. My talk is available on the site, but it’s my least favorite run of it. Funny story: I started getting super sick the night before and gave the talk with a stomach bug anyways, so keep that in mind if you watch it 🤣. I was on the program committee for LISA18 as well.

2018-07-25: Talked at Boston DevOps about Securing a Security Company - a talk that I’ll transcribe and put here eventually. This was the first run of this talk. In short, we build a lot of our own tooling - as much as we have time to allow for - to make security easier. Living the DevSecOps dream, one day at a time.

2018-02-11: I got annoyed with OpenSSL commands, and made a website to help generate CSRs using OpenSSL if you need that kind of thing.

2017-10-29: I was an invited talks co-chair for LISA17 and it was pretty great. Working with Alice Goldfuss was a blast!

2017-05-15: I had the pleasure of spending a couple of days at what is now Oslo Metropolitan University, where I gave a guest lecture to students about the intersection of Security and Operations. On another day I gave a talk to faculty about the challenges involved in running OpenStack and why Joyent’s SmartDataCenter was a bit easier to run for a small research organization.

2016-12-04: I ran the LISA16 invited talks track (conference program) with the one and only Ben Cotton.

2015-11-08: I presented my masters project at LISA15, which was a way to set up some containers to be used as on-demand bastion hosts. That work was called Spyglass and the talk is pretty short too! Spyglass was the last paper presented at LISA.

2014-11-09: Was an invited talks co-chair for LISA14 with Matt Simmons and Doug Hughes.

2014-02-25: I gave my first talk 🎉 at Utah State University’s Partners in Business conference. It was a while ago, but the talk was something about bringing IT to the table and making them business enablers, and I was on a panel about security too. I remember meeting David Thaw and Branson Matheson there, and also being super nervous. A huge thanks to Nicole Forsgren for the opportunity!

2013-11-08: I was a LISA13 program committee member, looking for talks and papers.

2012-12-09: LISA12 was the first conference I helped out with! Carolyn Rowland gave me a chance, and we’ve been great friends since.