InfoSec Judo | The Art of Cyber Defense

哲学

The Philosophy

柔

Ju Flexibility

In cybersecurity, rigidity breaks. Like water, we adapt to threats, flowing around attacks to neutralize adversaries.

$ adapt --to-threat && overcome

道

Do The Way

Security is not a destination but a continuous journey of vigilance, learning, and improvement.

$ while true; do learn && defend; done

欺

Gi Deception

The master uses the opponent's force against them. We deploy honeypots and misdirection to frustrate adversaries.

$ deploy honeypot | trap attacker

精力善用

Seiryoku Zen'yo

Maximum efficiency, minimum effort. Automate the mundane. Build interlocking controls that amplify each other.

自他共栄

Jita Kyoei

Mutual welfare and benefit. Share knowledge through open-source tools. Strengthen the ecosystem together.

武器

The Arsenal

Open-source security tools for real-world challenges

Deception

honeypi

Stateless TCP honeypot. Co-invented with Tom Liston. Catch attackers without maintaining state.

C / libpcap

IR

difftree

Fast directory comparison for incident response. 5 stars - Linux Pro Magazine.

GitHub C

Log Analysis

tmpltr

Log Templater with artificial ignorance. Millions of lines per minute. Rapid7 Magnificent 7 nominee.

GitHub C

Deception

sshcanary

Low-interaction SSH honeypot. See what credentials attackers try.

GitHub

Log Analysis

logpi

Log Pseudo Indexer. Fast indexes for IPs and MACs in text data.

GitHub

Network

wirespy

Packet sniffer generating firewall rules and netflow logs.

GitHub

Forensics

pdfcarve

Extract malicious payloads from weaponized PDFs.

GitHub

Network

pproxyd

Passive proxy daemon. Sniff web traffic, generate Squid logs.

GitHub

Visualization

threat_plotter

Plot threats on Hilbert curves for pattern analysis.

GitHub

Log Analysis

quickparser

Regex-less parser. 2.6M lines/minute to pseudo-XML.

GitHub

Network

ip2cidr

Consolidate IP lists into CIDR blocks.

GitHub

Utility

buniq

Bloom filter deduplication for massive datasets.

GitHub

View All on GitHub

技

Cyber Techniques

Nage-waza Throwing

大外刈 Osoto-gari

Honeypot Redirect

Lead attackers into controlled environments where every move is logged.

背負投 Seoi-nage

Traffic Analysis Flip

Analyze malicious traffic patterns. Turn their recon into your advantage.

巴投 Tomoe-nage

Deception Sacrifice

Deploy canaries. Let them think they've won while you watch.

Katame-waza Grappling

袈裟固 Kesa-gatame

Network Segmentation

Pin down threats with interlocking controls. No lateral movement.

十字固 Juji-gatame

Zero Trust Lock

Apply pressure at every authentication point. Never trust, always verify.

送襟絞 Okuri-eri-jime

Rate Limiting Choke

Gradually restrict resources until threats tap out.

先生

The Sensei

師

Ron Dilley

Principal Cyber Security Architect | IANS Faculty | CISSP

"The mad ramblings of a cyber security curmudgeon (in training)"

Two decades building and leading information security practices. Focused on innovation, deception, and frustrating adversaries through interlocking controls.

Former CISO Warner Bros. Entertainment

Former Director IS Security, Amgen

Recognition FBI LA CyberSquads Commendation

Speaker Black Hat, ISOI, ISSA, ISACA

iamnor.com uberadmin.com GitHub LinkedIn

(ISC)²ISSAISACAISOIIANS FacultyVizSec

書

Writings & Talks

The Cybersecurity Manager's Guide

Beyond the 10 domains - the art of building your security program. Creating a "neighborhood watch" environment and involving data owners in security decisions.

View on Amazon

Cyber Security v2.0: Embracing Artificial Intelligence

Exploring the intersection of AI and cybersecurity. How artificial intelligence is transforming defense strategies and what security practitioners need to know.

View on Amazon

Recent Talks

2025 Building a Cybersecurity Team in the Age of AI Planet Cyber Sec
2025 Cybersecurity & AI ISSA-LA
2024 Unleashing the Power of AI Planet Cyber Sec
2023 Zero Trust Odyssey AT&T Security Conference
Redefining Zero Trust ITSPMagazine w/ Marcus Ranum
What Keeps CISOs Up at Night Black Hat Radio

Publications

Making Sense of Logs USENIX ;login
Someone to Watch Over Me SLAML w/ Marcus Ranum
Learn the Lessons of the Sumo ComputerWeekly
Beyond Defense-in-Depth IANS
Network Metrics and KPIs IANS
Selling Packet Vacuums Door-to-Door IANS

Blog Posts

Oct 2025 AI Ethics
Sep 2025 When AI Meets the Impossible
Aug 2025 Claude, C, and Carnage
Jul 2025 Using Claude Code to Hunt Security Bugs

More at iamnor.com →

連絡

Enter The Dojo

$ ./connect.sh

[*] Establishing secure channel...

[OK] Ready

@

Contact

Via LinkedIn or iamnor.com

#

Speaking

Conferences and podcasts

</>

Collaborate

Open source on GitHub