Grayson Walters

Go hack yourself.

This is mostly a place for me to keep all of my things together, but hopefully you can get some value out of it as well. Some things you will find on this site:

Publications from projects with which, I’ve been involved.
Projects that I worked on.
Talks - Slides and details from my speaking engagements
Posts that are mostly interesting content from around the tubes that I wanted to keep long term.
Reading list list of sites worth perusing, IMHO.

Views and opinions expressed are my own and have no relation to my day job.

Recent Posts

Wrapping up my take on RVASec 2017

Mon, Jun 12, 2017 Conferences

My take - RVASec is really turning into a great conference. Each year the team adds a little something to improve it. @mikko Mikko Hypponen gave the keynote, and as expected it was very informative, and had plenty of humor as well. I saw some great talks, @danielhbohannon did one on Invoke-CradleCrafer, which stood out to me. I also enjoyed the Managing Crowdsourced Security Testing talk that @CodexWebSecurum (Mike Shema) gave.

Kali in AWS for free

Sun, Jun 11, 2017 tools

My take - Irfan Shakeel over on the Alienvault blog shows step by step how to fire up a kali image in aws under the free tier. This is faster than fiddling with your router settings, and safer too. “Configuring Kali Linux on Amazon AWS Cloud for free …The best possible way to accomplish your objective is to host Kali Linux in the cloud, where the vendor manages the network and server, so you can focus on your pentesting.

New site; Oooh, Shiny

Tue, Jun 6, 2017 This Site, Hugo

I’ve updated the site. So, look, the old site was a ton of work to manage, and I don’t even think my mom was reading it. At any rate, I recently saw a few mentions of Hugo. I finally took the time to dig into it, and I really like the way it works. Basically, it is a static site generator. No more php. No more fiddly cms to deal with.

Announcing Google Capture the Flag 2017

Tue, Jun 6, 2017 CTF

My take - Google is spinning up their CTF again this year. I found it interesting that of the 2,400 teams that competed last year, 1,500 were unable to solve a single challenge. From the article: “Announcing Google Capture the Flag 2017 On 00:00:01 UTC of June 17th and 18th, 2017 we’ll be hosting the online qualification round of our second annual Capture The Flag (CTF) competition. In a ‘Capture the Flag’ competition we create security challenges and puzzles in which contestants can earn points for solving them…”

POLICY ON FOOD PROVISIONING AT MEETINGS

Tue, Jun 6, 2017 satire

My take - FINALLY a security policy that actually addresses an actionable and truly important effort. From the article: “POLICY ON FOOD PROVISIONING AT MEETINGS RATIONALE Experts and decades of research have confirmed the importance of proper nutrition and hydration in promoting cognitive function. Therefore, it is the policy of the Information Security Office that all meetings must include adequate nourishment for each participant…” Credit: Like 25 people posted it in my twitter feed.

Speaking Engagements

Pentest on a Shoestring Budget
Fri, Jun 9, 2017, RVASec 2017
Security Leaders Panel
Fri, Apr 8, 2016, COVSec 2016
The “New Norm” in Cyber Security: What’s Trending Now in Public Sector
Mon, Nov 16, 2015, Webinar - Guest Speaker
Emerging Threats
Tue, Mar 13, 2012, VCU RISC Conference 2012

Projects

Intelligence Community Analyst Private Sector Partnership

This program enables intelligence community analysts and private sector partners to gain a greater understanding of how their disparate, yet complementary, roles can work in tandem to ensure mission success.

Publications

Cyberthreat Recognition & Mitigation

A guide for small & medium sized business. This publication was developed with a host of individuals from various industry private and public partners.

Virginia Department of Taxation, Department of Defense, Defense Intelligence Agency, Department of Justice, AMGEN, Hewlett Packard Enterprise, StratusCyber, Armera Cyber Solutions

Department of Homeland Security

Details PDF Project

Understanding Cyber Threats

A guide for small & medium sized business. This publication was developed with a host of individuals from various industry private and public partners.

Virginia Department of Taxation, Department of Defense, Defense Intelligence Agency, National Security Agency, Department of Justice, Wisconsin Statewide Information Center, AMGEN, Hewlett Packard, CHS, Armera Cyber Solutions, MITRE, United States Air Force Academy

Office of the Director of National Intelligence

Details PDF Project

Grayson Walters

Information Security

Biography

Grayson Walters has over 20 years of Information Technology and Information Security experience. Currently, he serves as the Information Security Officer for the Virginia Department of Taxation. Previously, Grayson served as the Information Security Officer for the Virginia State Corporation Commission. His prior positions include leading the security engineering branch of a Richmond based IT consulting firm where he oversaw penetration testing, security policy development and security product implementation activities for dozens of clients. Grayson also served as the Lead Network Architect for Standing Joint Force Headquarters – Homeland Security after his enlistment in the US Navy.

Grayson currently serves on the Commonwealth Information Security Council, and recently served on committees sponsored by the Office of the Director of National Intelligence, and Homeland Security.

Interests

Infosec
Pentests
Red Team
Arduino/RPI

Education

MS Computer Information Systems Security, 2016

Virginia Commonwealth University

Reading List!

Pages that I find to be worthwhile

Here is a collection of sources that I found to be worth the time to check out. If I see a good post somewhere, it lands in the post section, regardless of where I found it. If I start seeing a bunch of good posts, I will put the parent site here when I get around to it.

Infosec Sites
- https://tisiphone.net/ – @hacks4pancakes – Lesley Carhart