Publications

Books

Death by Identity Theft — Book (2016 - Self Published)

Non-Fiction book detailing types of identity theft, the impacts of identity theft, and how to mitigate or reduce the risk of identity theft

Hacking of the Free — Book (2020 - Self Published)

Non-Fiction book on Understanding Digital Threats to Democracy in the 21st Century

Cyber Security: Rules to Live By — Book (2021 - Self Published)

Non-Fiction book designed to be an “introduction to cybersecurity” for non-technical individuals.

Editor

Radio Free Hub City - RadioFreeHubCity.com (2021 - Present)

President and Managing Editor of a local news site. Manage a freelance news team of approx. 2-4 members.

Cyber News Gator - CyberNewsGator.com (2023 - Present)

President and Managing Editor of a news site focused on cybersecurity, tech news, and gaming. Manage a freelance news team of approx. 2-3 members.


Conference Presentations

The Need for a Cyber Attack Warning System - (2013 - Recorded Future RFUN Conference, Washington DC)

Explore the history of attack warning systems, the historical context for cyber attacks crossing into the real world, as well as several case studies for what can be detected with a cyber-attack warning system.

Does Your Organization Understand the Value of Cyber Threat Intelligence? - (2023 - Tech at the Gap, Rocky Gap, Maryland)

In this research, Enterprise Management Associates set out to discover which CTI sources, methods, and integrations are currently working in the industry and where there is room for improvement. What we found was that many organizations are struggling with CTI, especially when it comes to data quality. The research provides key insights on the CTI sources organizations are having the most success with and how organizations can better leverage CTI in their everyday operations and technology integrations.

Training Classes

Social Engineering - You Are a Target — Web-Based Training Class (2014 - Dept. of Veterans Affairs)

One hour-long course on common social engineering techniques and how to prevent social engineering attacks. Custom developed to tailor to the Department of Veterans Affairs leadership.

Podcasts

Cybersecurity Awesomeness Podcast

In this new podcast, Chris Steffen, Vice President of Research Covering Information Security, Risk, and Compliance Management at EMA, and Ken Buckler, Research Analyst covering Information Security at EMA, talk about a wide range of cybersecurity topics.

https://www.devopsdigest.com/podcast

Research Reports


SSL/TLS Certificate Security – Management and Expiration Challenges

Research Report - End-User

07/26/2023

Co-Authored with Chris Steffen

Digital certificates play a vital role in securing online communications and transactions. They are used to encrypt sensitive data, authenticate users, and protect against various types of cyber threats. However...


Ransomware: How Increasing Attacks are Changing the Enterprise’s Security Priorities and Spending

Research Report - End-User

06/28/2022

Co-Authored with Chris Steffen

In 1971, the first self-replicating virus (called Creeper) was unleashed across the ARPANET as a proof of concept. The virus itself was not designed to do any harm, but instead simply highlighted potential vulnerabilities in mainframe computers...


Cyber Threat Intelligence – Transforming Data Into Relevant Intelligence

Research Report - End-User

04/18/2023

Co-Authored with Chris Steffen

Many organizations have leveraged cyber threat intelligence (CTI), a powerful tool, for over two decades. Until recent years, threat intelligence was extremely expensive and only the largest organizations with budgets that allowed for such investment...


Secure Coding Practices – Growing Success or Zero-Day Epidemic?

Research Report - End-User

01/19/2023

Co-Authored with Chris Steffen

From 2015 to 2021, the number of new vulnerabilities per year in the National Vulnerability Database grew from 6,487 to 20,139. This increase in vulnerabilities may be due to a significant skills gap when it comes to secure software development.

Whitepapers


Target-Centric Intelligence: Unlocking the Secrets of OSINT for Effective Cyber Defense

White Paper

07/21/2023

In the realm of cybersecurity, it is highly likely that you are already harnessing the power of open-source intelligence (OSINT) without even realizing it. Many teams are actively monitoring and tracking threat indicators and threat actors...


Less Complexity, More Return on Cybersecurity Investments

White Paper

04/19/2023

Depending on the type of attack, target organization, and effectiveness of an organization’s security defenses, attackers are typically inside a network for one to two months before being detected. The signals of the attacker’s presence...


Tricks of the Trade – How Malware Authors Cover Their Tracks

White Paper - Self Published

2013

As security applications evolve to detect more advanced malware, the authors of said malware must adapt and develop new tricks to avoid detection. 

Webinars


Cyber Threat Intelligence: Transforming Data into Relevant Intelligence

Webinar

06/13/2023

Many organizations have leveraged cyber threat intelligence (CTI), a powerful tool, for over two decades. With tools dedicated to processing and distributing CTI, it has become much more affordable and accessible in recent years. Combined with CTI sh...

Secure Coding Practices – Growing Success or Zero-Day Epidemic?

Webinar

02/07/2023

From 2015 to 2021, the number of new vulnerabilities per year in the National Vulnerability Database grew from 6,487 to 20,139. With this alarming rate of increasing software vulnerabilities and the significant security skills gap for software develo...

Ransomware: How Increasing Attacks are Changing the Enterprise’s Security Priorities and Spending

Webinar

09/07/2022

Today, ransomware is one of the fastest-growing threats in the cybersecurity industry, designed to not only self-propagate but also encrypt all files or entire systems across a network. This specialized malware has one primary purpose—to direct...


Vendor to Watch


EMA Vendor to Watch: NETSCOUT

Vendor to Watch

04/05/2023

EMA Vendors to Watch are companies that deliver unique customer value by solving problems that previously went unaddressed, or provide value in innovative ways. The designation rewards vendors that dare to go off the beaten path and have defined thei...


EMA Vendor to Watch: DuploCloud

Vendor to Watch

05/25/2022

EMA "Vendors to Watch" are companies that deliver unique customer value by solving problems that previously went unaddressed, or provide value in innovative ways. The designation rewards vendors that dare to go off the beaten path and have ...

Impact Briefs


Jamf Launches Executive Threat Protection Solution

EMA Impact Brief

10/09/2023

Ken Buckler

Jamf, a company that provides management and security solutions for Apple devices, launched Jamf Executive Threat Protection, an advanced detection and response tool for mobile devices. Built upon technology acquired in the ZecOps acquisition last Se...

Panorays Unveils Smart Match to Revolutionize Third-Party Security Risk Management

EMA Impact Brief

10/03/2023

Ken Buckler

Panorays, a prominent third-party security risk management solutions provider, introduced Smart Match, an innovative capability designed to expedite responses and simplify risk analysis. This development bolsters Panorays’ AI-powered third-part...

Foretrace Introduces “Tim” – AI Analyst Redefining Data Leak Response

EMA Impact Brief

10/03/2023

Ken Buckler

Foretrace, a pioneer in data leak and exposure management, unveiled “Tim,” a generative AI analyst designed to revolutionize the response to data exposure incidents. Tim’s real-time recommendations promise to augment human analysts,...

AWS Enables Proactive Security with Release of Amazon Security Lake

EMA Impact Brief

09/21/2023

Ken Buckler

Amazon Web Services (AWS) announced the general availability of Amazon Security Lake, a purpose-built data lake that centralizes an organization’s security data from various sources into a unified platform. The service enables customers to impr...

SimSpace Expands Cyber Force Platform for Enhanced Cybersecurity Defense

EMA Impact Brief

09/21/2023

Ken Buckler

SimSpace, an industry leader in military-grade cyber ranges, announced significant additions to its Cyber Force Platform. The platform now includes ML-driven adaptive attacks, cyber stack optimization, and automated deployment capabilities. These adv...

Unlocking Insights: Vaultree and Tableau Integrate for Secure Data Analytics

EMA Impact Brief

09/21/2023

Ken Buckler

Vaultree, a cybersecurity leader specializing in fully functional data-in-use encryption, announced a groundbreaking integration with Tableau, a renowned data visualization and business intelligence platform. This integration introduces a new era of ...

Action1 Invests $20 Million in Secure Cloud Solution with Zero-Knowledge Architecture

EMA Impact Brief

09/19/2023

Ken Buckler

Action1 Corporation, a leading provider of risk-based patch management solutions, announced a $20 million investment in its platform. The investment aims to enhance the company’s cloud-based solution for continuous remediation of security vulne...

ThreatHunter.ai Releases Cybersecurity Solution Based on AI and Human Expertise

EMA Impact Brief

09/19/2023

Ken Buckler

ThreatHunter.ai developed an innovative cybersecurity solution that combines advanced AI technology with expert human threat hunters. The solution addresses common cybersecurity challenges companies face, such as alert fatigue, improper system tuning...

Virsec Unveils Market-First Capabilities for Zero Trust Workload Protection

EMA Impact Brief

09/19/2023

Ken Buckler

Virsec, a leader in zero-day prevention for workloads, introduced a suite of market-first capabilities that automate the path to rapid deployment of zero trust workload protection, including stopping attacks in milliseconds.

Corelight and CrowdStrike Partner to Revolutionize Incident Response and Threat Hunting

EMA Impact Brief

09/19/2023

Ken Buckler

Corelight, a leading provider of open network detection and response (NDR) solutions, announced an expanded partnership with CrowdStrike, a prominent player in cloud-delivered endpoint protection. This partnership enables CrowdStrike to deploy Coreli...


CDW’s Recent Acquisitions Empower Cloud Strategies and Consulting Excellence

EMA Impact Brief

07/26/2023

Ken Buckler

CDW Corporation made two strategic acquisitions this year, bringing Enquizit and Locus into its portfolio. The acquisition of Enquizit enhances CDW’s Public Sector Cloud Services Practice, allowing for accelerated cloud strategies and increased...

SSH Launches OpenSSH Support Service for Multi-Platform SSH Environments

EMA Impact Brief

07/11/2023

Ken Buckler

SSH Communications Security introduced a support service for OpenSSH toaddress customer support challenges and provide high-quality SSH supportfor the open-source variant of SSH software. With support available forWindows and Red Hat Linux platforms,...

Cisco’s Acquisition of Lightspin Will Strengthen Cloud Security Offerings

EMA Impact Brief

07/11/2023

Ken Buckler

Cisco recently announced its intention to acquire Lightspin Technologies Ltd, a cloud security software company based in Tel Aviv. The acquisition will provide Cisco with a comprehensive cloud security posture management (CSPM) solution for cloud-nat...

Intrusion’s Innovative App Revolutionizes Mobile Device Security

EMA Impact Brief

07/11/2023

Ken Buckler

Intrusion, a leading provider of cyber attack prevention solutions, announced the release of its new mobile app, Intrusion Shield Mobile. Powered by the Intrusion Global Threat Engine®, Shield Mobile is now available in the Google Play Store and ...

ConnectWise Announces New Cross-Portfolio Security Capabilities for TSPs

EMA Impact Brief

07/11/2023

Ken Buckler

ConnectWise, a leading software company for technology solution providers (TSPs), unveiled its latest advancements in cross-portfolio security capabilities. These enhancements aim to empower TSPs with robust tools and solutions to address the evolvin...

Verimatrix’s Newest Offerings Enhance Mobile App Security

EMA Impact Brief

06/27/2023

Ken Buckler

Verimatrix, a leader in providing people-centered security for the modern connected world, announced the launch of a revamped user experience (UX) for its Extended Threat Defense (XTD) product, along with a new VMX Labs research team dedicated to inv...

Searchlight Cyber Launches Secure Virtual Browser for Dark Web Investigations

EMA Impact Brief

06/27/2023

Ken Buckler

Searchlight Cyber released Stealth Browser, a virtual machine designed to allow cyber professionals to conduct investigations on the dark web securely and anonymously. The browser is an addition to Searchlight’s automated investigation and inte...

Paladin Cloud Introduces Game-Changing SaaS Platform for Cyber Asset Protection

EMA Impact Brief

06/13/2023

Ken Buckler

Paladin Cloud, a leading open source cloud security company, launched its new SaaS cloud security platform. The platform helps organizations identify and visualize their cyber assets and security controls while monitoring their cloud environments for...

Lumu Launches SecOps Capabilities to Combat Growing Cybersecurity Threats

EMA Impact Brief

05/31/2023

Co-Authored with Chris Steffen

Lumu Technologies, a cybersecurity company that offers the Continuous Compromise Assessment model to measure compromise in real time, launched a new set of capabilities called Lumu for SecOps. The capabilities, which Lumu presented at the RSA Confere...

ColorTokens’ Microsegmentation Brings Zero Trust to Virtualized Containers

EMA Impact Brief

05/24/2023

Ken Buckler

ColorTokens, an American company specializing in zero trust cybersecurity, recently announced the addition of microsegmentation for virtualized containers to their portfolio of capabilities. The new feature provides security for containerized workloa...


Akamai’s Acquisition of Neosec Will Strengthen API Security and Visibility

EMA Impact Brief

05/18/2023

Ken Buckler

Akamai Technologies, Inc., an American company specializing in content delivery, cybersecurity, and cloud services, recently announced it definitive agreement to acquire Neosec, an industry leader in API detection and response, to strengthen Akamai&r...

Cradlepoint Acquires Ericom Software to Strengthen its Enterprise Security Offerings

EMA Impact Brief

05/17/2023

Ken Buckler

Cradlepoint, a leader in 5G for business solutions, announced the acquisition of Ericom Software, a cloud-based enterprise security platform provider. Cradlepoint plans to leverage Ericom’s zero trust and cloud-based security solutions to build...

IONIX Sets Target on Attack Surface Prioritization

EMA Impact Brief

05/17/2023

Ken Buckler

Cyberpion, an Israeli company specializing in attack surface management, rebranded as IONIX as part of their shift toward helping clients better prioritize cyber risk. The company’s unique approach focuses not only on the attack surface of clie...

Fortinet NSE Certification Program Expands to Evolving Skillset Needs

EMA Impact Brief

05/04/2023

Ken Buckler

Fortinet expanded its NSE Certification Program to address the evolving cybersecurity skillset needs of security professionals. The program now includes updated designations that provide more flexibility and advanced skills for individuals and securi...

Elastic Further Enhances Cloud Security Offerings

EMA Impact Brief

04/21/2023

Ken Buckler

Elastic, an American company specializing in indexing and searching large amounts of data quickly and efficiently, recently announced the expansion of Elastic Security’s capabilities, including cloud security posture management (CPSM), containe...

DigiCert to Provide Full Certificate and PKI Management

EMA Impact Brief

01/23/2023

Co-Authored with Chris Steffen

DigiCert, an American company based out of Utah, recently announced the release of Trust Lifecycle Manager, its full-stack certificate and PK  management solution. This solution unifies CA-agnostic certificate lifecycle management, PKI services,...

Proofpoint is Adding Identity Risk to Protect the “Keys to the Kingdom” with Illusive

EMA Impact Brief

01/12/2023

Co-Authored with Chris Steffen

Proofpoint, an American company based out of Sunnyvale, California, recently completed their acquisition of Israeli company Illusive. The acquisition will enable the addition of identity threat detection and response (ITDR) to its comprehensive threa...

Action1 Delivers Automated Peace of Mind for Remote Patch Management

EMA Impact Brief

01/10/2023

Co-Authored with Chris Steffen

Action1, an American company based out of Houston, Texas, recently announced the release of their Continuous Patch Compliance feature leveraging automated remediation of security vulnerabilities.

novoShield Delivers Next-Generation Phishing Protection for Mobile Devices

EMA Impact Brief

10/10/2022

Co-Authored with Chris Steffen

novoShield, an Israeli company based out of Tel Aviv, recently announced the release of their next-generation phishing protection platform for mobile phones. The initial release is available for home and business iPhone users, with Android and PC ver...

EMA Impact Brief: Safe Security

EMA Impact Brief

09/14/2022

Co-Authored with Chris Steffen

Safe Security, an American company headquartered in Palo Alto that specializes in cybersecurity and digital business risk quantification, recently announced the release of several new assessment tools designed to provide organizations quantifiable da...


Xcitium ZeroThreat Brings Zero Trust to the Endpoint and Stops Unknown Malware

EMA Impact Brief

09/07/2022

Co-Authored with Chris Steffen

Comodo Cybersecurity, an American company headquartered in New Jersey that specializes in endpoint protection, recently announced its rebrand under the name Xcitium. Coinciding with the rebrand is their release of Zero Dwell Containment technology de...

Release of AppTotal Enables Next-Gen App Security Research in the Cloud

EMA Impact Brief

08/23/2022

Co-Authored with Chris Steffen

Canonic Security, an Israeli company specializing in analysis of SaaS-native threats, recently announced the release of their flagship product, AppTotal. This cloud-based service enables administrators and security researchers to analyze cloud SaaS a...

Halo Security Release Shines Spotlight on Attack Surface Management

EMA Impact Brief

08/23/2022

Co-Authored with Chris Steffen

TrustedSite, an American company specializing in vulnerability scanning and certification, recently announced the spin-out of its attack surface management suite of services under the new Halo Security brand. The platform allows organizations to cons...

Security Journey Relaunch is a Much-Needed Move Toward Better Application Security

EMA Impact Brief

08/22/2022

Co-Authored with Chris Steffen

HackEDU, an American company based out of Pittsburgh, PA, recently completed their acquisition of Security Journey, also an American company, based out of Raleigh, NC. Both companies specialize in application development security training and are now...

NVIDIA Morpheus AI Framework Could Revolutionize Cybersecurity

EMA Impact Brief

07/13/2022

Ken Buckler

NVIDIA, an American multinational technology company, recently announced the general availability release of its Morpheus cybersecurity artificial intelligence (AI) application framework. This application framework, combined with NVIDIA graphics proc...

Elastic Security for Cloud – The Next Step in Securing Cloud and Hybrid Environments

EMA Impact Brief

06/23/2022

Ken Buckler

Elastic, an American technology company specializing in search-powered solutions and enterprise observability, recently announced the release of its cloud security product. This product will help organizations solve their visibility and observability...