Publications and Conferences

This is a non-exhaustive list of blogs, podcasts, articles, reviews, conferences hosted, and other publications I've created, co-created, or been involved in.

30 publications

(Re)building Threat Detection and Incident Response at LinkedIn

This blog discusses how LinkedIn rebuilt its security operations platform and teams and scaled them to protect nearly 20,000 employees and more than 875 million members, along with our approach and strategy for achieving this objective.

Crafting the Infosec Playbook

Co-authored this O'Reilly book on building an incident response program and creating the process, philosophy, and architecture for implementing an information security monitoring program. The book was also translated into Japanese.

Disk Image Deception

Cisco blog post highlighting our encounter with a malspam campaign that misused the .IMG file extension and lessons learned.

The Right Data at the Right Time

Presented at the SANS SIEM Summit on defining the right observability for security monitoring and how to apply the data collection principles to delivering security monitoring.

Cognitive Bias in Incident Response

Blog on pitfalls of overconfidence in cybersecurity incident response, highlighting the Dunning–Kruger effect and emphasizing robust methodology.

CSIRT Schiltron: Training, Techniques, and Talent

Presentation on enabling readiness and improving capabilities with evolving threat profiles and new skillsets for incident response teams.

How Computer Incident Response teams use CTI to keep up with the miscreants

Presentation at LACNIC 29 in Panama on applying cyber threat intelligence to incident response and detection engineering playbooks.

Incident Detection and Response

InterOp Japan presentation on building a world-class security team and demonstrating approaches with web filtering and intrusion detection.

Ad-Weary Or, "What Could Possibly Go Wrong?"

Presentation at Security B-Sides Asheville and LACNIC/LACNOG 26 on adware threats in enterprise networks and mitigation lessons.

FIRST Technical Colloquium Amsterdam

Annual FIRST Technical Colloquium in Amsterdam producing hundreds of talks on incident handling, threat intelligence, malware analysis, and more.

The State of Web Security: Attack and Response

Cisco Live presentations covering web-based attacks and protections through HTTP/S inspection and web-based logging and monitoring.

Cloud Security Observability for Detection and Response (Podcast)

Discussed enterprise scale security observability for incident response and threat detection on the Google Cloud Security Podcast.

International Women in Engineering Day LinkedIn Live

Cisco Security Blogs by Jeff Bollinger

Cisco TAC Security Podcast: Web Security with Jeff Bollinger

ZDNet article: LinkedIn has massively cut time to detect threats

RSA: Crafting the Infosec Playbook Review

SIEM Books on Amazon (Solutions Review)

Interview: Confirmation bias in incident response (The Register)

ACM SIGCAS: Responsible Disclosure

Splunk: Book review of Crafting the Infosec Playbook

Cisco Cybersecurity Series: Threat Hunting (quoted)

Cisco IT Case Study: Web Security

Cisco Datacenter Case Study: Network IPS

Article on Jeff Bollinger from UNC SILS

O'Reilly Author Page for Jeff Bollinger

Crafting the Infosec Playbook on Awesome Incident Response

Ad Weary - BSides Asheville Information Security Conference

Breaking into Cybersecurity with Jeff Bollinger - Incident Response

LinkedIn's Jeff Bollinger on the Role of Human Intuition in Addressing Security Challenges.
