Twitter | Search | |
Robert M. Lee
Founder & CEO | SANS & course author & Certified Instructor | nonres Fellow | writer | NSA & USAF Veteran
17,364
Tweets
503
Following
27,809
Followers
Tweets
Robert M. Lee 5h
Replying to @dyn___
There’s not yet I assume the team will do a blog about it eventually but can’t give away too much as it’s an event that gets re-run
Reply Retweet Like
Robert M. Lee 7h
Grassmarlin fingerprints are covered by Integrity too. Integrity also has DPI for some major protocols, better visualization, and better scalability. But Grassmarlin is open source so it can be extended for custom needs.
Reply Retweet Like
Robert M. Lee 9h
Replying to @RebelPowell
Thanks! Been great having you in class.
Reply Retweet Like
Robert M. Lee 20h
Replying to @JamieBuening
Best team ever
Reply Retweet Like
Robert M. Lee 22h
Replying to @Cyber7acus
Looking forward to having you then
Reply Retweet Like
Robert M. Lee 22h
It is not an open source tool and Idaho National Labs / DOE have classified the tool with restrictions on dual use and ITAR. It cannot be released to certain countries.
Reply Retweet Like
Robert M. Lee 22h
Replying to @infracritical
Lots of love for you man you know that
Reply Retweet Like
Robert M. Lee 22h
Tim Conway kicking off the first ever SANS Grid NetWars (we’ve run ICS NetWars before but this is the first of the Grid specific one). Been fun teaching now time to watch my students dominate.
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @infracritical
Yes
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @bengoerz @DragosInc
It’s still a closed source tool, has government restrictions on it. But free no limitations it’s fine for consultants, asset owners, etc.
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @bengoerz @DragosInc
Practical, its use-case not a restriction. I.e. I can’t recommend to folks to do multi site deployments of a tool that isn’t supported. Do no harm kind of thing
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @RobertMLee
I don’t want the defense of my team to be construed as an attack on him. His comments were BS - but he’s an awesome person and cares about the community too
Reply Retweet Like
Robert M. Lee Mar 22
And for the record has done a ton of things for the ICS community. Even when he and I don’t see eye to eye I respect him a lot and the contributions he’s made. I will defend my team’s integrity whenever questioned but that’s not an indictment on him as a person.
Reply Retweet Like
Robert M. Lee Mar 22
You are calling me a liar in public Dale. At least have a reason.
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @wendynather
Thanks Wendy much love and respect to you for sincerely caring about the community as well
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @RobertMLee
And I get the “you’re giving voice to it by addressing it” argument. But the ICS community is important to me. And to essentially be called a liar in a widely sent email to the ICS community is a total bullshit move Dale. So I’m calling it out as such.
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @Shadow0pz
From his email to folks in the ICS community: “Likely either some talent acquisition or customer/prospect acquisition or expansion from NexDefense deployments.” Which we would have without releasing the tool for free and would make horrible acquisition tactics.
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @RobertMLee
I’ve been part of this community a heck of a lot longer than I’ve been a vendor. I’ve been friends with Dale and a supporter of S4 before it was ever something to sponsor or use. The ICS community needs optimism. Not skepticism about every single little thing.
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @digitalbond
So why am I ranting in public? Why address ’s accusation at all who I ABSOLUTELY respect and consider a long time friend? Because it’s absolutely silly that the ICS community has folks that can be so overtly cynical as to essentially encourage people not to take help
Reply Retweet Like
Robert M. Lee Mar 22
Replying to @RobertMLee
So we legitimately have to validate company and country origin before releasing the tool. So business emails are required. Will we use the leads? Absolutely. We aren’t purposely bad at business. But it’s different than our normal content for a reason.
Reply Retweet Like