Security Weekly Podcast Network (Audio)
Security Weekly Productions
Data Mining ETW, AWESIEM - Episode 300 Pt.3 - August 31, 2012
34 minutes Posted Sep 18, 2012 at 6:58 am.
Show notes

Data Mining ETW - In this technical segment we look at how to tap into the vast amounts of data that Windows Communication Foundation (WCF) logs and feeds to Event Tracing for Windows (ETW). An ETW provider will sometimes log an excessive amount of information, giving an attacker access to sensitive data. By tapping into these otherwise silent logging mechanisms, an attacker can find all kinds of useful information.

AWESIEM - After years of making security databases, I realized that security information doesn't match up to the way databases have to be normalized. I started looking at ontology languages and triple stores instead to store security info, and am now working on an app framework for writing security apps using an ontology storage backend; it's called AWESIEM. Here's my intro on how to use ontologies for infosec knowledge.