📖 Overview
Johannes Ullrich is a cybersecurity expert and researcher who serves as Dean of Research at the SANS Technology Institute. He is best known for founding DShield.org, a global network security monitoring system that collects data about malicious internet traffic.
As the host of ISC StormCast, a daily information security podcast, Ullrich provides analysis of emerging cyber threats and security incidents. His research focuses on network security monitoring, intrusion detection, and incident handling.
Ullrich holds a PhD in Physics from SUNY Albany and has authored numerous papers on cybersecurity topics. He is frequently cited in technical publications and media outlets regarding network security threats and defensive strategies.
His contributions to the field include developing innovative monitoring techniques for identifying attack patterns and establishing collaborative platforms for sharing security intelligence. Ullrich regularly presents at major security conferences and provides training through the SANS Institute's educational programs.
👀 Reviews
Limited review data exists online for Johannes Ullrich's works. He is known for contributions to the SANS Internet Storm Center (ISC) and cybersecurity publications rather than books.
Readers appreciate:
- Clear explanations of complex security concepts
- Practical, actionable advice in his blog posts
- Quick response time addressing new threats
- Engaging presentation style in podcasts
Common criticisms:
- Technical writing can be too dense for beginners
- Some older materials need updates
No ratings are available on Goodreads or Amazon for book-length works. His SANS ISC diary entries receive regular reader comments praising his timely analysis. One reader noted: "Johannes breaks down complicated vulnerabilities into understandable chunks."
Blog and podcast reviews average 4.5/5 stars across platforms like Apple Podcasts and security forums, based on informal reader feedback. Specific review metrics are not publicly available.
📚 Books by Johannes Ullrich
Malicious Scripts (2004) - A technical handbook for system administrators and incident handlers on detecting malicious scripts, PHP exploits, and shell code in Unix/Linux environments.
Monthly Security Reports (2004-present) - A regularly updated series of technical articles analyzing emerging network security threats and vulnerabilities, published through the SANS Internet Storm Center.
Network Security Tools: Writing, Hacking, and Modifying Security Tools (2005) - A guide to creating and customizing network security monitoring tools and scripts using programming languages like Perl and Python.
Intrusion Detection and Prevention (2007) - A technical manual covering the setup, configuration and operation of intrusion detection/prevention systems and analysis of network attack patterns.