scott j roberts
intelligentsia in training, network security ninja, pancake visionary, mixtape master, failed fashionista
My Twitter Stream- My GitHub
- My LinkedIn
- My Instagram
- Goodreads
- Contact Me
Loading,
0
% complete-
Tweets
- @BobbyCarbon It's a sirens song to be sure. I think I'll be playing a good part of the night myself. After my reversing is done at least.
- Article: Terrible Presentation Stress Disorder: “Finding APT with Big Data” by Kyle Maxwell (@kylemaxwell) - http://t.co/5MoV86In
- @DannyPickens Phrasing…
- @radian Man, I would thank the guy who got you into Apple. Talked you out of that Ubuntu stuff. Must have been a smart guy.
- @Devon @rebeccabrownlee Email sent.
- Really appreciated @kylemaxwell's kind words about @saphothreat. Reminds me I need to get some new content built. #opensourceproblems
- @Devon I know @RebeccaBrownlee has done some really awesome stuff. Rewards and all that as well. Let me know if you need an introduction.
- @DannyPickens @n0dna I walk away from Twitter for a few hours and Dan is babysitting while Danny does BSDM webcam porn. #childplease
- @kylemaxwell You're generous trusting them with firewalls.
- Article: Sapho: threat intelligence tool by Kyle Maxwell (@kylemaxwell) - http://t.co/jRj4SA3A
- @rndbit I didnt know that, thanks for sharing, but you see my point? There's limited logic for an invisible element in a presentation layer.
- Is there a reason browsers aren't set to automatically block any 0px by 0px elements? Maybe even anything under 5px? Seems like it'd help.
- Article: China as a threat: a bit of perspective by Kyle Maxwell (@kylemaxwell) - http://t.co/MdE6aaj0
- @kylemaxwell And you're sending me a todo list? Thanks man. There goes my next weekend.
- @kylemaxwell Wait if you blog about it people are gonna care… well now I really have to get some of my new ideas out.
- @kylemaxwell Dune indeed. Started playing with some additions over the weekend actually. We'll see what comes of it.
- @kylemaxwell "I don't always put memes in my presentations, but when I do I use obscure ones."
- @kylemaxwell I have a most interesting man in the world reference. Does that count?
- This C-level presentation I'm building doesn't have nearly enough animated gifs for my liking.
-
Repositories
- The Textmate bundle I created for writing and editing Snort rules.1 fork / 1 watcher / Pushed Nov 14, 11
- A script & now Cocoa app for generating two word code phrases... for stuff.1 fork / 1 watcher / Pushed Sep 24, 11
- A quick script for carving relevent slices of PCAP for analysis I used at Defcon CTF 2010.1 fork / 1 watcher / Pushed Jul 17, 11
- A quick little script for capturing network activity using tcpdump.1 fork / 1 watcher / Pushed Jul 14, 11
- A geolocation information gatherer. Offers geolocation information gathering through social networking platforms.28 forks / 319 watchers / Pushed Apr 18, 12
- Python daemonizer for Unix, Linux and OS X18 forks / 203 watchers / Pushed Apr 11, 12
- Three20 is an Objective-C library for iPhone developers982 forks / 6424 watchers / Pushed Apr 08, 12
- An analytic technique created at the CIA, ACH helps you analyze complex situations with multiple hypotheses and countless pieces of evidence. Multiple people can collaborate on a single problem, and ACH will compare everyone's analyses and pinpoint the precise areas of disagreement, allowing for a more focused debate.7 forks / 54 watchers / Pushed Jan 07, 12
- The Textmate bundle I created for writing and editing Snort rules.1 fork / 1 watcher / Pushed Nov 14, 11
- Ruby BlackBag. Misc ruby-based pen-testing/reversing tools. Inspired by Matasano BlackBag.4 forks / 61 watchers / Pushed Oct 27, 11
- Convert ESRI Shapefiles into GeoCouch databases4 forks / 27 watchers / Pushed Oct 27, 11
- A script & now Cocoa app for generating two word code phrases... for stuff.1 fork / 1 watcher / Pushed Sep 24, 11
- SwiftRiver is a free and open source software platform that uses algorithms and crowdsourcing to curate and filter realtime data.35 forks / 127 watchers / Pushed Aug 23, 11
- A quick script for carving relevent slices of PCAP for analysis I used at Defcon CTF 2010.1 fork / 1 watcher / Pushed Jul 17, 11
- A quick little script for capturing network activity using tcpdump.1 fork / 1 watcher / Pushed Jul 14, 11
- Demonstration of Tesseract OCR on the iPhone. Video: http://www.youtube.com/v/MICew5-nZp4?hl=en_US&fs=145 forks / 290 watchers / Pushed Apr 08, 11
- Python module for the DokuWiki XML-RPC backend3 forks / 13 watchers / Pushed Oct 02, 10
- Source code to the Reverse Engineering Challenges for the CSAW 2009 competition, as well as the "scoreboard" system.2 forks / 9 watchers / Pushed Nov 16, 09
-
Info
- Information Security Analyst and ResearcherComputer & Network Security | Greater New York City Area, USSummaryI am a full time Technical Lead in the Mantech Security Operations Center. I act as a subject matter expert on network security monitoring, incident response, and threat intelligence.
I am also completing my degree at Penn State University majoring in Information Science and Technology with a focus on System Design and Development with an Information Assurance option, completing my degree part time through independent research.Specialties: Network security, Unix Client Security, Unix Server Security, Windows Client Security, Active Directory, Group Policy, Vulnerablity Assessments, Network Auditing, Host Auditing, Wireless Auditing.Experience- Feb 2012 - PresentSecurity Consultant / Vigilant, LLC
- 2010 - Dec 2011SOC Technical Lead / ManTech International
- Jun 2008 - Mar 2010Security Consultant / Mandiant
- Jan 2007 - Jun 2008Threat Analyst: Managed Security Services / Symantec- Conducting threat analysis for Symantec global Managed Security Services three primary teams, spanning 450+ enterprise customers, spread over four contents, ranging from Financial Services to National Infrastructure. - Providing documentation, research analysis, handling instructions, as well as customer facing reports and analysis. - Functional conduit between regional analysis teams and Symantec’s world wide information security intelligence group, Deepsight, conducting specific customer and industry analysis to support Deepsight research and findings. - Architecting redesign of the Security Operations Center Technology Platform, including key initiatives, in support of creating a new world class analysis console and back end. - Leading the effort to redevelop six week security analyst training curriculum to develop trainee analysts to deal with cutting edge threats.
- Apr 2006 - Jan 2007Security Analyst: Managed Security Services / Symantec- Performed advanced network threat analysis, validating attacks and accessing impact for Fortune 500 and private enterprise clients of various industries. - Provided appropriate tactical and strategic recommendations to clients for incident remediation and proactively preventing future attacks. - Collaborated with client security teams, third party consultants, and Symantec in-house engineering to implement recommended security countermeasures. - Researched current vulnerabilities, attacks, and appropriate countermeasures, as well as producing internal documents to educate other analysts.
- Oct 2004 - Apr 2006Curriculum Designer / Penn State University's NSA Center for Information Assurance Excellence- Created teaching materials, focused on hand on laboratory exercises, to be used in Information Security classes under a grant from the National Science Foundation. - Proctored lab sessions using these exercise, providing guidance and extending the educational experience for students. - Completed multiple accepted, juried research papers submitted to various Academic Information Security Conferences.
- Jun 2005 - Aug 2005Network Security Intern / The Hershey CompanyThis was my third summer with Hershey and a very different experince from the previous two. This summer I spent much of my time working more as a Security Architect than a Security Analyst, focusing my time on writing new policies, evaluating new technologies, and helping to prepare Hershey for current and upcoming threats. I also worked on increasing our utilization of current investments and auditing our current technologies and practices.
- May 2004 - Aug 2004Intern Information Security Analyst / Hershey Foods CorporationFocused primarily on desktop specific issues. Extensive time spent on systems auditing and hardening, policy compliance, investigations and forensics, wireless exposure testing, and technology evaluation. Also deeply involved in document creation, creating security summaries, position papers, threat analyses for executive management, and other technical writing tasks.
Education-
2011 - 2012Penn State UniversityBS in Information Science & Technology
-
2004 - 2006Penn State UniversityB.S. in Information Science and Technology: System Design and Development
-
2003 - 2003University of Maryland Baltimore CountyBS in Computer Science
-
2002 - 2003Shippensburg University of PennsylvaniaBS in Computer Science
Activities: Student Researcher in collaboration with facility, Programming Team member
Additional Information-
Websites:
-
Honors:•GIAC Certified Incident Handler (GCIH) •Holder of the DoD NSTISSI No. 4011: Information Systems Security Professional Certification. •Paper Review Committee Member - 10th & 11th Colloquium for Information System Security Education.
-
Interests:Cyber Threat Intelligence, Intelligence Driven Network Security Monitoring, Exploit Techniques and Defense, Information Assurance Teaching and Training, Information Warfare & Espionage
-
Photos
-
Reading
