NetSPI Blog

Eric H

Eric has over 15 years of information security experience including network engineering, UNIX administration, and consulting. Eric specializes in network architecture and device security, secure storage, and virtualization technologies. Eric’s recent projects include administering a heterogeneous virtual environment based on VMware and Hyper-V server which directly supported a large MSSP and numerous Fortune 1000 customers. He also provided network and security administration and support for large multi-tenant networks in ISP and MSSP environments.

Eric H
October 13th, 2014

IT Asset Management – Where to Start

Not enough emphasis is given to IT asset management. This is one of the first things an organization needs to get under control before they can really implement any security program. Yet few people do it well, if at all. How can you possibly protect an environment if you don’t know what assets make up […]

Eric H
February 4th, 2014

Vulnerability Disclosure Submission Standard?

I present you with RFC2142, please take a minute to skim through it for a little context. This RFC aggregates all of the recommended mailbox names that network and computer operators should setup depending on what public services they offer (You did setup and continue to monitor important mailboxes like postmaster, abuse, and so on, […]

Eric H
September 16th, 2013

Firewall Configuration Review

Firewalls are a spot of contention for many within the information security community. Many people put too much faith in a network firewall and assume that because there is one on the network somewhere, that they're “hacker proof.” Others do not put enough faith in a network firewall because many are deployed improperly or they're […]

Eric H
July 2nd, 2012

Virtualization Security Resources

Getting started with virtualization security can be a little daunting. I’m not going to go into a great level of detail, but I do want to point out some sources of information to get you started down the path to securing your virtual datacenters (you did plan the security of the infrastructure before you virtualized, […]