16 Posts

Dave McMillen

Senior Threat Researcher, IBM Managed Security Services

Dave brings over 25 years of network security knowledge to IBM. Dave began his career in IBM over 15 years ago where he was part of a core team of six IBMers that created the IBM Emergency Response Service which eventually grew and evolved into Internet Security Systems. As an industry-recognized security expert and thought leader, Dave's background in security is full featured. Dave thrives on identifying threats and developing methods to solve complex problems. His specialties are intrusion detection/prevention, ethical hacking, forensics and analysis of malware and advanced threats. As a member of the IBM MSS Threat Research Team, Dave takes the intelligence he has gathered and turns out immediate tangible remedies that can be implemented within a customer’s network or on IBM MSS's own proprietary detection engines. Dave became interested in security back in the late 1980's and owned and operated a company that provided penetration and vulnerability testing service, one of the first of its kind. As the internet's footprint began to grow, it became clear to him there was a new problem on the horizon; protecting data. Dave worked with WheelGroup (later acquired by Cisco) where he helped develop NetRanger IDS and NetSonar. Dave also assisted with development of the very first IBM intrusion detection system, BillyGoat. Dave also has developed several other security based methods and systems which were patented for IBM.

Written By Dave McMillen

Blind SQL Injection: The Last Handkerchief Up the Attacker’s Sleeve

Blind SQL injections are still being leveraged by actors to steal information. Here's what users need to know about these persistent attacks.

Manufacturing Security: Managing Machines in Motion

What happens when manufacturing processes running at optimum efficiency to meet market demand are suddenly altered unintentionally or maliciously?

How Technology Advances Create Industrial Risk for Organizations

A look at industrial risk in industrial control systems (ICS), the susceptibility of ICS to certain attacks and how these systems can be defended.

IBM X-Force Research: Understanding the Risks of Content Management Systems

In today’s fast-paced business world there’s an ever-growing need for quick changes to web content. This used to be the responsibility of webmasters who created HTML code, JavaScript modules and plugins on the fly, but therein lay a fundamental...

IBM X-Force Research: The Perils of Phishing

At one time a novelty, email is today a fact of life that ties us to our family, our friends and, perhaps above all, our work. Email lets us send each other pictures, videos and documents almost instantly, far faster than postal mail ever could....

Hidden Warnings: A Look at Indicators of Compromise (IoC)

Modern techniques and tools can assist security professionals with digging in and identifying the key indicators of compromise (IoC) on a network.