DefCamp 2017 Romania: INTERVIEW with April C Wright: “Infosec is like fighting an uphill battle, and it definitely takes a village”

The DefCamp Romania 2017 infosec conference organizers wanted to explore the topic of internal and external challenges that organizations face nowadays in terms of securing their assets and keeping them safe. I was interviewed, since I’ll be speaking there in November, and I pointed out a few of my thoughts on the topic.

Read the full article and interview here:

INTERVIEW with April C Wright: “Infosec is like fighting an uphill battle, and it definitely takes a village”

Must-have Mac OS X Software to Protect Your Mac Computer

From the moment I first started using MacOS X, I fell in love.  It was like my long-time favorite Macintosh <= v9 had spawned with my other love, NeXTStep, to create an exquisite underlying

The Jurassic Park scene where the girl says “This is a UNIX system! I know this!”?  That was me…

In high school, I had read a *NIX book during detention (There was a time when I just didn’t like going to class…), and I consider that experience to be one of the defining moments of my life.

UNIX System Administration HandbookQ

I had been coding sprites since I lost my first teeth, learned BASIC and was already on IRC and BBS’s, but UNIX was a gloriously complex and special thing.  We didn’t have Linux back then really, People primarily used FreeBSD and some of the other commercial distros.

I still consider myself a System V fangirl, after paying many years of dues in UNIX Technical Operations for a large managed hosting company.  That’s how I got into security, so I’m really a paranoid UNIX admin who happened upon security.

But I digress.  UNIX is awesome. And MacOS + *NIX is even awesome-r.

Mac OS X is extremely secure to begin with, with fantastic built-in features such as full-disk encryption with FileVault, a firewall, many sharing and other more risky features disabled by default, and GateKeeper for application protection.

The standard features are great for most people, but remember – I’m paranoid. Security can generally always be improved for any device, system, solution, etc.

When I install a fresh copy of MacOS X, there are certain pieces of software that I absolutely must install, and most are security tools.

I’ve compiled a list of the security software I tend to install on every Mac I use.  These vary from network firewalls to monitoring of specific IOCs (indicators of compromise).

I’m not affiliated with any of these companies (that I know of), these are just awesome tools I recommend.

You’re perfectly okay only using stock Mac OS X, as these tools are mostly monitoring tools for the truly paranoid.  E.g. The Mac OS X Firewall works perfectly fine, but there are tools that offer additional functionality. These tools may also adversely affect performance, because they are constantly watching.

Read more…