Avatar

Tim (Wadhwa-)Brown

Head Of Research

CX EMEAR Security Architecture

Tim Brown joined Cisco as part of their acquisition of Portcullis for whom he worked for almost 12 years. He is equally happy performing white box assessments with access to source code or where necessary diving into proprietary binaries and protocols using reverse engineering methodologies. Tim has contributed to a number of Cisco’s bespoke methodologies covering subjects as diverse as risk and compliance, secure development, host hardening, ERP and SCADA. In 2018, Tim looked at targets as varied as risk, Active Directory, mainframes, MPLS, banking middleware and devops as well as supporting Cisco's incident response capability.

Outside of the customer driven realm of information assurance, Tim is also a prolific researcher with papers on UNIX, KDE, Vista and web application security to his name. Tim is credited with almost 150 vulnerability advisories covering both kernel and userland, remote and local. Most recently Tim spoke at Black Hat on some of his Active Directory research. Tim particularly like to bug hunt enterprise UNIX solutions.

Articles

February 12, 2019

SECURITY

So You Want To Build A SOC: Security Intelligence and Technical Considerations (Part 2)

As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire:   "We need a...

February 5, 2019

SECURITY

So You Want to Build a SOC: Foundations for Your Security Operations Team (Part 1)

As security consultants, we go into an extraordinary array of organisations with very differing levels of maturity and one thing keeps on coming up: "we need a SOC". Whilst this...

November 10, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 4)

These blue team actions should be performed on top of any specific remedial actions that are carried out to resolve specific issues.

November 3, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 3)

The Team believes that the likelihood of a successful Internet delivered attack by either a malicious insider or via an external actor is high, given the systemic failures identified in these scenarios.

October 27, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 2)

Having defined the scenarios, you can see how these could be linked together in different ways to form comprehensive attack vectors.

October 20, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 1)

In what was an interesting change to the usual technical and risk/compliance focused consultancy, the Team carried out a War Games exercise - similar to a "Red Team" engagement.

August 22, 2018

SECURITY

Securing the Cloud: Assessing the Security of TLS

Moving from self-hosted infrastructure to cloud-based environments increases the demand for resiliency and security. Cisco's cloud security solutions give our customers the visibility they desire.

June 6, 2018

SECURITY

The Importance of Logs

It's funny how the world turns. I started off in security working for a bank. The model there was very much build it, break it, fix it with our Operational...