Avatar

Tim (Wadhwa-)Brown

Head Of Research

CX EMEAR Security Architecture

Tim Brown joined Cisco as part of their acquisition of Portcullis for whom he worked for almost 12 years. He is equally happy performing white box assessments with access to source code or where necessary diving into proprietary binaries and protocols using reverse engineering methodologies. Tim has contributed to a number of Cisco’s bespoke methodologies covering subjects as diverse as risk and compliance, secure development, host hardening, ERP and SCADA. In 2018, Tim looked at targets as varied as risk, Active Directory, mainframes, MPLS, banking middleware and devops as well as supporting Cisco's incident response capability.

Outside of the customer driven realm of information assurance, Tim is also a prolific researcher with papers on UNIX, KDE, Vista and web application security to his name. Tim is credited with almost 150 vulnerability advisories covering both kernel and userland, remote and local. Most recently Tim spoke at Black Hat on some of his Active Directory research. Tim particularly like to bug hunt enterprise UNIX solutions.

Articles

February 12, 2019

SECURITY

So You Want To Build A SOC: Security Intelligence and Technical Considerations (Part 2)

As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire:   “We need a SOC.” My last post on this topic focused on the operational considerations.  Now le…

February 5, 2019

SECURITY

So You Want to Build a SOC: Foundations for Your Security Operations Team (Part 1)

As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire:   “We need a SOC.” Building a SOC doesn’t present a problem for Cisco’ Security Advi…

November 10, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 4)

As any security consultant will know, the more fun you have on an engagement (see part 1, part 2 and part 3 for the back story), the longer the report will be afterwards and the more important the executive and technical summaries will be in tying all the observations together in an actionable fashi…

November 3, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 3)

So how did the team get on in our War Game exercise?  In order to complete the War Game exercise (the setup for which can be found in part 1 and part 2 of this series), our Security Advisory Services team determined that the following attack scenarios would need to be simulated: The plan A broad ta…

October 27, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 2)

In part 1 of this series of posts, we covered what constituted a War Game and how we defined the various attack scenarios. In this part, we will cover our Cisco Security Advisory Services team used these scenarios to develop real world threat models and establish other parameters of the engagement.…

October 20, 2018

SECURITY

War Games: A WOPR of a Security Test (Part 1)

Recently, in what was an interesting change to the usual technical and risk/compliance focused consultancy, our Security Advisory Services carried out a War Games exercise – which is similar in style to a “red team” engagement. This short series of posts aims to describe the experi…

August 22, 2018

SECURITY

Securing the Cloud: Assessing the Security of TLS

As more and more organizations move from self-hosted infrastructure to cloud-based environments, so too increases the demand to ensure that they are resilient and secure. As part of Cisco’s efforts to support our customers in making this change in a smooth and seamless fashion, we have been hard at…

June 6, 2018

SECURITY

The Importance of Logs

It’s funny how the world turns. I started off in security working for a bank. The model there was very much build it, break it, fix it with our Operational Security team aligning with platform and application support teams to build the projects the business wanted. Very soon after I joined it…