About
A seasoned professional with a rare mix of technical, marketing, development, business…
Articles by John
-
(Wednesday, October 5, 2016 1:00 pm) Unsecured SSH Keys to Your IT Enterprise Left Under the Doormat
(Wednesday, October 5, 2016 1:00 pm) Unsecured SSH Keys to Your IT Enterprise Left Under the Doormat
Wednesday, October 5, 2016 1:00 pm Eastern Daylight Time (New York, GMT-04:00) Event Information: Sshhh…Unsecured SSH…
Activity
-
CyberArk (Nasdaq: CYBR) announced strong third quarter 2024 financial results, exceeding guidance on the top- and bottom-line and delivering strong…
CyberArk (Nasdaq: CYBR) announced strong third quarter 2024 financial results, exceeding guidance on the top- and bottom-line and delivering strong…
Liked by John Walsh
-
Really exciting to see the growth in CyberArk's partnership with GitGuardian, with the joint launch of the 2024 Voice of Practitioners Survey. As a…
Really exciting to see the growth in CyberArk's partnership with GitGuardian, with the joint launch of the 2024 Voice of Practitioners Survey. As a…
Liked by John Walsh
-
If you're in SLC for KubeCon in November, this is going to be a special event 👇
If you're in SLC for KubeCon in November, this is going to be a special event 👇
Liked by John Walsh
Experience
Education
-
Marist College School of Management
• Obtained while working fulltime as a software engineer at IBM.
• Only 33% of all applicants are accepted into the program.
• Worked on projects using PHP, SQL, HTML, CSS, XML, Javascript, and UML.
• Designed a distributed information system for a hospital using customer interviews, UML, agile process, prototypes, and ERD diagrams.
• Learned about Statistical Modeling, Data Warehousing, Finance, Management, Marketing, and other business concepts. -
-
Activities and Societies: Graduated a semester early. Worked full-time as a CO-OP at IBM the last year of study. Worked as a JAVA Computer Science teaching assistant. Held lectures every week to go over computer science subjects in more detail and answer questions. Held office hours to help students debug their work or offer extra help.
• Upsilon Pi Epsilon (UPE) Honor Society.
• Only 40% of all applicants are accepted into the program.
• Top 3% of accepted applicants.
• Graduated one semester early.
• Worked fulltime as a Software Developer at IBM during the last year of school.
• Worked on projects using applets, servlets, SMTP, POP3, Lisp, and Haskell.
Publications
-
DevSecOps is an Abomination!
conjur.org
See publicationDr. Frankenstein’s monster is one of the most hated and misunderstood monsters of all time. Frankenstein brought his creation into the world without proper forethought or planning. He simply stitched various body parts together to form an uncontrollable abomination. There are similarities here with how DevSecOps is typically created. Frankenstein wannabes simply bolt security on to DevOps or stitch security policies from different tools together. The result is an uncontrollable DevSecOps…
Dr. Frankenstein’s monster is one of the most hated and misunderstood monsters of all time. Frankenstein brought his creation into the world without proper forethought or planning. He simply stitched various body parts together to form an uncontrollable abomination. There are similarities here with how DevSecOps is typically created. Frankenstein wannabes simply bolt security on to DevOps or stitch security policies from different tools together. The result is an uncontrollable DevSecOps abomination. DevSecOps abominations wreak havoc on operations and development teams daily. The problem is not DevSecOps, it is that people do not understand it or implement it correctly.
-
Cybersecurity: When the Outsider Becomes an Insider
Data Center Knowledge
See publicationThe story you are about to read is true. Only the names have been changed to protect the oblivious.
-
Access Denied: What you need to know to protect the network
See publicationThe story below is true in essence, if not in particulars, and it is one that has played out many times across all sectors.
-
Hackers Are Now Scanning For SSH Keys To Exploit
See publicationAs many of you know, servers running SSH are under constant siege by hackers and botnets, but how are attackers getting into these servers? Servers are typically broken with brute-force password attacks because this is easy when people use passwords like "1234" and "changeMe", but do attackers do when SSH keys are used as credentials instead of passwords? We at SSH Communications Security are well aware of other attack vectors such as SSH keys. The recent SSH key scanning attacks on websites…
As many of you know, servers running SSH are under constant siege by hackers and botnets, but how are attackers getting into these servers? Servers are typically broken with brute-force password attacks because this is easy when people use passwords like "1234" and "changeMe", but do attackers do when SSH keys are used as credentials instead of passwords? We at SSH Communications Security are well aware of other attack vectors such as SSH keys. The recent SSH key scanning attacks on websites reported by Wordfence are yet another high profile example, but I like to know as much about my advisory as possible.
-
A Lesson from Sun Tzu: Is Your Cybersecurity Strategy Sound, or Are You Just Making Noise?
See publicationRansomware and large-scale DDoS attacks tend to steal the limelight when it comes to cybersecurity. The problem is that,while companies are focused on securing their networks against the latest threat, they tend to overlook a serious underlying flaw that has the potential to cause far greater destruction: SSH keys.
-
Cybersecurity from the infrastructure up: Don’t ignore SSH keys
See publicationIn the never-ending fight against cybercrime, is your agency focused on strategy or on tactics?
The federal government is under mandate to keep its own and its citizens’ data secure — that’s a given. What tends to happen, though, is that IT security teams are so focused on defeating the latest malware variant that they pay no heed to a foundational network issue that could be much more serious. -
Weave your cybersecurity tactics into a cohesive strategy
See publicationRecent headlines about cybersecurity threats tend to focus on the latest ransomware, implying that the worst threats are generated externally. Yet what typically goes unnoticed is a fundamental shortcoming in most agencies’ cybersecurity strategy.
-
A Cyberattack "Short Story"
See publicationA short story told through the point of view of a CyberAttack.
It doesn’t matter where the breach came from or how it got in because once inside your business it is able to move from system to system and take whatever it wants, turning what was once an issue on one machine into an enterprise wide crisis. -
Snowden Calls On Employees To Leak Company Secrets
SSH
See publicationDuring the Hackers On Planet Earth (HOPE) conference, Snowden called on insiders (employees) to spill corporate and government secrets.
-
Identity & Access Management: Don’t get Death Starred!
SSH
See publicationThere is no such thing as a small vulnerability when your business security is at risk.
-
Covered by Slashdot
Slashdot News for Nerds
See publication"After the Heartbleed fiasco, John Walsh brings attention to the lack of proper manpower and funding to run various open source projects.
Walsh goes on to ponder security of open source software, the 'many eyes' phenomenon, dedicating people to review code, and quality control." -
Free Can Make You Bleed
SSH
See publicationI discuss the lack of funding for open source projects and the many reviewers fewer errors argument.
-
IBM Tivoli Directory Server for z/OS - Redbooks
IBM International Technical Support Organization
A technical overview of the IBM Tivoli Directory Server for z/OS
I wrote the following sections related to:
-WLM Workload Manager
-Opersions Monitor
-Activity Log
I reviewed and commented on many other sections of the book as they were being writtenOther authors -
Patents
-
Prioritization of search requests using search templates
Issued US US 8185512 B2
A method, a computer system, and a computer program product that prioritizes search requests to a database directory by assigning the search requests to one or more templates. Attributes of the search requests, such as an IP address, the portion of the database to which the search is constrained, one or more return attributes, the scope of the search, and/or search filters used, are compared with values of those attributes of the templates. The template whose values of the attributes match the…
A method, a computer system, and a computer program product that prioritizes search requests to a database directory by assigning the search requests to one or more templates. Attributes of the search requests, such as an IP address, the portion of the database to which the search is constrained, one or more return attributes, the scope of the search, and/or search filters used, are compared with values of those attributes of the templates. The template whose values of the attributes match the values of the attributes in the search request is selected. This template has a template identifier that is associated with a transaction name of a work unit enclave. The search request is then associated with the work unit enclave and the operating system of the computer system will execute the search request in accordance with the performance goals and priority of the service class into which the work unit enclave is assigned. Process steps include creating a search template if none exist, and configuring a database server to assign a transaction name to search requests based on attributes and their values of the search request and then associating that transaction name with a transaction name of the work unit enclave.
Other inventors -
Projects
-
• L3 customer service team lead in addition to software engineer role.
-
• Communicated with customers to determine the problem and customer impact.
• Insured 100% of target dates were met. -
• Worked on the IBM JAVA cryptography security provider for z/OS.
-
• Verified defects and created test cases using JAVA, JUnit, and shell script.
-
At Marist: Designed an Information System based on customer requirements.
-
Used agile development to designed a distributed information system for a hospital using customer interviews, UML, agile process, prototypes, and ERD diagrams.
-
Common Criteria (CC) representative in addition to software engineer role for z/OS LDAP.
-
• Attended CC meetings to determine potential impact to the product.
• Updated code to comply with most current CC standards. -
Debugged and fixed Kerberos cross-platform defect with MS Active Directory
-
• Used TCP/IP packet trace to debug the problem.
• Worked directly with Microsoft to determine which product was in error.
• Consulted the LDAP RFC to verify the problem was with z/OS LDAP.
-
Developed Activity Log pattern filter to improve customer usability
-
• Wrote a patent publication to protect IBMs IP rights.
• Used URL filter matching to save valuable log space.
• Improved performance by only recording records after the transactions complete. -
Developed DoS and failover support to prioritize transactions within the server for z/OS LDAP
-
• Used thread pools to improve performance by 5%.
• Lowered the priority of denial-of-service (DoS) attack requests to reduce outages.
• Provided failover support for the cloud by reducing traffic to unhealthy servers.
• Learned complicated WLM concepts on the job to finish on schedule with quality.
• Minimized linked list write lock calls to improve performance and reduce bottlenecks. -
Developed internal memory trace and FFDC support to reduce debug time in the field for z/OS LDAP.
-
• Identified key trace points to always be traced to improve debug time in the field.
• Wrote stubs in C/C++ to drop down into ASM and call 31/64 bit APIs.
• Wrote tool to put trace data in human readable format.
• Wrote code to handle settings for internal memory. -
Developed IPv6 support and improved the front-end network layer for z/OS LDAP.
-
-
Developed Operations Monitor support on schedule with quality for z/OS LDAP
-
• Worked directly with UBS to determine their requirements.
• Grouped client transactions into patterns to analyze the server work load.
-
ICSF API implementation for z/OS LDAP.
-
• Team leader and mentor for an execution team in China.
• Used agile process and functioned as the SCRUM master.
-
Rewrote the z/OS Firewall GUI using JAVA, Java Swing, JavaBeans, and AUIML/PDML
-
• Learned about a new IBM proprietary tool to get the job done on schedule.
• Used event-driven programming (EDP).
Test Scores
-
C++ Prove it! Skills Test
Score: 98% top 10%
The test score is based on time and accuracy. I completed in less than a minute for each question and only got one question wrong. I ranked among the top 10% of people who have taken the test.
Prove it! by Kenexa is a trusted skills testing company that provides employers the power to identify and select the most talented candidates and employees.
Test Description
This C++ Programming test is designed to assess a test taker's knowledge and understanding of core C++ concepts…The test score is based on time and accuracy. I completed in less than a minute for each question and only got one question wrong. I ranked among the top 10% of people who have taken the test.
Prove it! by Kenexa is a trusted skills testing company that provides employers the power to identify and select the most talented candidates and employees.
Test Description
This C++ Programming test is designed to assess a test taker's knowledge and understanding of core C++ concepts. The assessment focuses on a number of topics including the evaluation of C++ syntax and code, program structure, C++ operators and keywords, and C++ object-oriented programming. This assessment is appropriate for test takers with a year or more experience working with and coding C++.
Organizations
-
Upsilon Pi Epsilon (UPE) Computer Science Honor Society
Member
- Present
More activity by John
-
Vault Sprawl is a real issue right now. Solving secrets management & machine identity security with CyberArk is a lot simpler than you might think!…
Vault Sprawl is a real issue right now. Solving secrets management & machine identity security with CyberArk is a lot simpler than you might think!…
Liked by John Walsh
-
One of the big topics at last week's Black Hat was securing machine identities. Enterprise Strategy Group Practice Director Melinda Marks sat with…
One of the big topics at last week's Black Hat was securing machine identities. Enterprise Strategy Group Practice Director Melinda Marks sat with…
Liked by John Walsh
-
Cloud transformation projects have become a big priority — but this shift has its challenges. Learn how you can successfully implement a phased…
Cloud transformation projects have become a big priority — but this shift has its challenges. Learn how you can successfully implement a phased…
Liked by John Walsh
-
It was great to be part of another #cybrimpact event. Seeing how much this event has grown over the years is truly inspiring. We’re so fortunate to…
It was great to be part of another #cybrimpact event. Seeing how much this event has grown over the years is truly inspiring. We’re so fortunate to…
Liked by John Walsh
-
Quick chat with CyberArk’s Noam Liran about the new Cora AI service announced at #Impact24 last week! #identitysecurity #ai #itdr #compliance
Quick chat with CyberArk’s Noam Liran about the new Cora AI service announced at #Impact24 last week! #identitysecurity #ai #itdr #compliance
Liked by John Walsh
-
🌟 What a fantastic CyberArk Impact 24 event! 🌟 I had an incredible time connecting with our valued partners. On the first day of Impact, which was…
🌟 What a fantastic CyberArk Impact 24 event! 🌟 I had an incredible time connecting with our valued partners. On the first day of Impact, which was…
Liked by John Walsh
-
Very proud of our team's work supporting a huge week at CyberArk. From our #Venafi acquisition to #CYBRIMPACT keynotes and breakouts and even…
Very proud of our team's work supporting a huge week at CyberArk. From our #Venafi acquisition to #CYBRIMPACT keynotes and breakouts and even…
Liked by John Walsh
-
As you can see in CyberArk Founder and Executive Chair Udi Mokady's smile, it's been a busy week for our entire team. We’ve had a great time meeting…
As you can see in CyberArk Founder and Executive Chair Udi Mokady's smile, it's been a busy week for our entire team. We’ve had a great time meeting…
Liked by John Walsh
-
Jet-lagged thoughts on my visit to Nashville this week for CyberArk IMPACT 24. Spoiler: it was a superb event. Huge kudos to Devin Cleary, Anna…
Jet-lagged thoughts on my visit to Nashville this week for CyberArk IMPACT 24. Spoiler: it was a superb event. Huge kudos to Devin Cleary, Anna…
Liked by John Walsh
-
Our Women in Security Breakfast was a great way to start day 3! Great to see CyberArk COO Eduarda Camacho & VP of Global of GLobal Marketing Hye Jun…
Our Women in Security Breakfast was a great way to start day 3! Great to see CyberArk COO Eduarda Camacho & VP of Global of GLobal Marketing Hye Jun…
Liked by John Walsh
-
Day 1 of #cybrimpact 2024 kicks off with training sessions, certification exams, and hands-on labs.
Day 1 of #cybrimpact 2024 kicks off with training sessions, certification exams, and hands-on labs.
Liked by John Walsh
Other similar profiles
Explore more posts
-
Liz Barrows
Expel is teaming up with Wiz to change the cloud security game 🔐☁ What does this mean for our mutual customers? ✔ Comprehensive coverage ✔ 24×7 expert support ✔ Enhanced context ✔ Continuous improvement ✔ Real-time updates 🚨 REMINDER: We invite you to join us for a webinar on September 26 at 1pm ET with Expel, Wiz, and AWS to learn just how this partnership can provide value for you as it already is for two of our mutual customers, Inductive Automation and dbt Labs. Register today to join us live! (Link to register within this blog 👇)
-
Sandor Klein
☁️ Cloud adoption unlocks speed, scalability, and innovation, but it also opens new doors for attackers. With threats like the SCARLETEEL attack infiltrating systems in just 220 seconds, security teams need to act fast. ⚡ 🔎 Sysdig's newly enhanced investigation capabilities — including attack chain visualization, real-time identity correlation, and optimized workflows — enable 5-minute investigations into cloud threats! Read the blog to discover how these new features set teams up to achieve the 555 Benchmark faster than any traditional detection and response tool. ⤵️ https://okt.to/L1Fdys
-
Jeremy Smillie
I have to say, I’m seriously impressed! How you’ve integrated Norse mythology into a technical project like this is creative and effective. It makes the complex topics of authentication and RBAC engaging and accessible. Your implementation of Keycloak and the seamless handling of multi-tenant authentication are top-notch. Huge congratulations on all the hard work and this fantastic write-up! Also, I love how you've leveraged Bearer tokens in your system. It’s a more efficient choice over JWT for scenarios like this because Bearer tokens can be managed centrally through Keycloak, allowing for better control over revocation and session handling. With JWTs, the lack of built-in revocation often leads to security challenges once tokens are issued, so this approach adds an extra layer of security and flexibility. Well done!
-
Gordon Noble
Bringing Together Splunk Observability & AppDynamics for Unified Visibility Thursday, September 26, 2024 | 12PM SGT / 2PM AEST End-to-end, unified visibility is key to quickly troubleshooting and ensuring that, when issues do occur, your business and end user’s experience are affected as little as possible. But how do you truly achieve end-to-end visibility? By embracing full-stack observability and the power of the integrated Splunk Platform, Splunk Observability Cloud, AppDynamics, and Splunk IT Service Intelligence (ITSI). Join this session to explore the ins and outs of this integration, how it can help you and your team gain end-to-end visibility and accelerate troubleshooting, and how other customers have achieved real-life success. In this webinar you will learn: - How Splunk Platform, Observability Cloud, ITSI, and AppDynamics are currently being integrated - Why end-to-end visibility is critical and how it helps accelerate troubleshooting - How to implement this integration and what software components are involved - Real-life success stories showcasing the business outcomes and ROI achieved by other customers Use the link below to register: https://lnkd.in/gAZeiHhh
-
Peter Hoffmeister
As we are getting closer to usable quantum computers, it is imperative for organizations to prepare for new threats that will be emerging. This includes, in part, preparing for post-quantum cryptography and building a quantum-readiness roadmap. I encourage you to take the time to learn more about quantum-safe encryption!
-
Vic Mankotia
Elevating DevSecOps with Zimperium’s Shielding the Future of Mobile Security Integrating Zimperium ‘s application shielding within DevSecOps enhances security, offering proactive defence against evolving threats like reverse-engineering and tampering. By embedding real-time threat detection, organisations secure mobile applications and safeguard critical business data.
-
Ratan Tipirneni
Amazon EKS Security Bootcamp: Implementing zero-trust security for containers The workshop will guide you in implementing: 1. Deploy zero-trust workload access controls with namespace isolation recommendations 2. Extend firewall protection at the granular, workload level 3. Block lateral movement of APTs with identity-aware microsegmentation 4. Apply zero-trust security controls at application level Registration link is available in the comments section. ———— Tigera - Container Security with built-in network security #CNAPP #zerotrust #cloudnative #Kubernetes #containersecurity #cloudsecurity #eBPF #Istio #OpenShift #Rancher #AWS #Azure #GCP #Fortinet #PaloAltoNetworks #Zscaler #CrowdStrike #SentinelOne #EKS #AKS #GKE #Anthos #RedHat #Devops #SRE #Containers #GenerativeAI
1 Comment -
Shawn Wormke
📚 Want to learn NGINX? 🛠️Want to be hands on and interact with the experts? 🍀 You are in luck! We are hosting F5 academy events across the US and Canda in October and your invited to join us in a city near you! In-person NGINX One trainings start October 8. F5 is bringing exclusive in-person and personalized training across the US and Canada on NGINX One, an F5 product that simplifies and enhances the experience of managing, securing, and governing all NGINX components. You will gain an exclusive, in-person preview of how NGINX One streamlines modern application delivery. You'll also have the opportunity for hands-on experience with F5 Distributed Cloud and NGINX One, learning to manage instances, troubleshoot configurations, and strengthen security. After a networking lunch, we’ll wrap up with a customer collaboration session, featuring a roundtable discussion and presentations on XCWAS and AI. Check to see when we’ll be in your city & register now: http://ms.spr.ly/6041maETR I look forward to seeing you there! #nginx #devops #security #technology #ai
-
Richard Bird
Thoughts about API security coming out of the big events of this year's conference season. More than 65% of enterprise organizations have no API security capabilities today - and the other 35% rely heavily on coarse-grained security controls for a fine-grained security attack surface.
3 Comments -
Richard Giblin
IT environments are changing. Is your monitoring and observability solution keeping up? We've created an Observability Consideration Checklist to help you assess your current and future needs. Use the checklist to determine if a self-hosted or SaaS monitoring and observability solution is right for where you are today–and where you’re going tomorrow. https://lnkd.in/eV6aE2AB
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named John Walsh in United States
2009 others named John Walsh in United States are on LinkedIn
See others named John Walsh