Prevent expensive incidents and outages before they strike.

The key to trouble-free computing is an intelligently crafted, well managed defensive security strategy. No off-the-shelf product or service can provide this, nor can just any vendor. It takes a partner committed to understanding your environment and developing the right plan to safeguard your sensitive systems, networks, and customer records.


Scott Brown is a professional software developer and computer security expert. He has extensive industry and field experience in system administration, application development, and security management.

Read More


Scott works with individuals and businesses in the SF Bay Area, Los Angeles, and worldwide online to protect their vital data, fortify their security posture, and realize the maximum potential of their technology investments.

Read More


You don't have to go it alone in today's hazardous computing environment or become an IT expert yourself just to keep your business running smoothly. Let's discuss your idea, project, or problem.

Read More


Securing SSH Service on Fedora/RHEL/CentOS

So you’ve deployed your new VPS or cloud server and SSH is served up on port 22 with password authentication. If you’re reading this, you already know that’s entirely insecure and just begging to be attacked. I’ll detail my procedure for hardening SSH on Fedora Linux, the distro I run. This should also work on downstream RHEL and CentOS, and broadly speaking on any SSH server, though some bits may differ.

XML-RPC test code

Two Ways to Fully Disable WordPress XML-RPC

Back several years ago when XML-RPC attacks on WordPress were prevalent, I shared some techniques here for selectively countering such attacks. Most users, however, just want to shut XML-RPC off completely. They often land on the widely installed Disable XML-RPC plugin. This plugin unfortunately does not fully work. Let me show you why, share some better solutions, and update my unit testing code for Python 3 in the process.


Leaving Windows for Linux on my Primary System

Few outside the technology business may be fully aware that Windows 10 arrives in the context of a major strategy shift at Microsoft. Feeling the heat from Google, Apple, and others, Microsoft needs to mutate and evolve its business models to compete in the end user computing marketplace. Selling Windows and Office licenses for whatever number of cents OEMs pay them for the right to ship these products on newly purchased machines is no longer cutting it in an age of falling PC sales. There’s new business out there, a pie they’re hungry for a big piece of. …

Confirming superuser

How To Deploy MVPS HOSTS File on an Android Phone

I have replaced the default HOSTS file on my Android device with the MVPS HOSTS file, a blacklist for blocking advertising, tracking and malware-distributing server names. Installing this blacklist confers the same browsing security, privacy, and performance benefits on my phone as I have long enjoyed on conventional workstations: ad blocking, faster web page loads and decreased bandwidth usage, mitigation of browsing behavior profiling and contextual ad targeting, and reduced exposure to malware infection by malicious web sites. Allow me to demonstrate the specific procedure that I used and hopefully save others some time. …