Security Jobs
Back to list
|
Post reply
Expert in Security Event Management (as well as other things)- Resume
Jun 26 2003 10:38PM
Jimmy Alderson (blue0ne digitalguardian net)
Disclaimer: There is no "fluff" in this resume
Jimmy L. Alderson
Address Available on Request
678-591-2532 (HOME)
jimmy (at) digitalguardian (dot) net [email concealed] (E-MAIL)
OBJECTIVE
To continue to manage the design of security event correlation engines
using cutting edge technology and theories in the information security
space in order to provide analysis solutions to enterprise wide problems
caused by volumes of disparate security data.
EXPERIENCE
? Senior Security Engineer, MSSP, (CSC) 01/03 ?05/03 (CONTRACT)
CSC specializes in outsourced network security solutions for large
government agencies and commercial corporations. CSC provides 24x7x365
monitoring/analysis capability along with Incident Response assistance.
I joined CSC's MSSP organization in an attempt to check the pulse of the
industry which is the consumer of Security Event Management products. My
responsibilities and accomplishments included but were not limited to,
the following:
? Developed the training curriculum for new security monitors and
analysts (Tier 1 and 2 respectively).
? Designed and developed a network architecture composed of
several ?home-grown? products to affect a correlation capacity internal
to and between client data feeds.
? Designed and developed scripts to automate report generation.
? Performed Tier 3 level analysis of security events and trending
analysis for client networks.
? Mentoring of monitors and analysts.
? Account management of service subscribers
? Director, Satellite Labs, eSecurity, Inc., 04/00 ? 12/02
eSecurity is a software company that provides a Security Event Management
enterprise application. Having had written one for USInternetworking, I
felt this a perfect fit. Satellite Labs is the six person R&D arm of
security professionals responsible for researching, designing, and in
some cases developing new product angles. SatLabs served as a internal
consulting arm to the CTO, Product Management, and Development teams. My
responsibilities and accomplishments included, but were not limited to,
the following:
? Direct support to the CTO in the areas of Secuity Event Analysis
and Event Correlation.
? Direct support to the Product Management team in the areas of
Secuity Event Analysis and Event Correlation.
? Direct support to the Development team in the areas of Security
Event Analysis and Event Correlation.
? Researched and designed algorithms for detecting emergent
patterns in network event data.
? Researched and designed algorithms for performing memetic
surveillance of network events to allow for predictive analysis.
? Assisted in the design of the communications mechanism for e-
Sentinel 4.0.
? Designed a security event automatic analysis process for e-
Sentinel 4.0.
? Designed and developed the e-Security Advisor. This system
brings data from Security Focus into a form where the linkages between
attack code and vulnerability code can be leveraged to allow for better
correlation of potential risk during post-analytical reports as well as
real-time.
? Designed and developed a Time Based Event Correlation Engine that
utilizes polymorphic pattern matching (This is commercially known as Real
Time Alert Correlator RTAC®).
? Designed and developed API for the RTAC® to enable the ability to
access it as an object programmatically.
? Designed and developed the ability for the RTAC® to utilize
configuration files to allow for the addition or subtraction of features
without a development effort.
? Designed and developed a standard for Agent development that
enables the normalization of data from disparate vendors and applications
into a standard format or meta data.
? Designed and developed a data parsing engine to parse the afore
mentioned meta data into an Oracle DB.
? Designed and developed a shell based wrappers like authentication
script.
? Designing and Developing agents that reside remotely and monitor
security based products for current information.
? Project Team lead and mentor for several design and development
efforts.
? Spending time on customer sites to ensure the technical success
of product sales.
? Director, Centers of Excellence, META Security Group (METASES),
03/99 ? 04/00
META Security Group (an affiliate of META Group Analyst Firm) offers
security consulting services and hands-on operational support services
including threats and vulnerability assessments, policy and standards
development, network monitoring services and technical research and
development. My responsibilities and accomplishments included, but were
not limited to, the following:
? Director of the Center of Excellence for Network Monitoring and
Intrusion Detection.
? Developing standards and processes in regards to intrusion
detection being deployed over a wide area network (WAN). These processes
drastically reduce the Total Cost of Ownership (TOC) of any commercial or
opensource Intrusion Detection System.
http://online.securityfocus.com/library/3023
? Director of Emerging Technologies (R and D).
? Designed and Developed Business Case/Technical Specs for
automated delivery of vulnerability issues and solutions to clients based
on their current infrastructure requirements (This project was
productized and is still being sold).
? Researched and developed new vulnerabilities as they relate to
computer and network security.
? Project Manager for national consulting in the field of network
security for a wide range of industries, including financial,
telecommunications, manufacturing, and government agencies.
? Managed the technical and logistical support of consultants in
the field.
? Managed, developed, and implemented the training of new
consultants in regards to network security.
? Conducted Security reviews of clients' perimeters and internal
networks.
? Senior Security Analyst, USInternetworking (USI), 08/98 ? 03/99
USinternetworking Inc. (NASDAQ: USIX) is the leading Application Service
Provider (ASP), outsourcing business applications over the Internet for a
flat monthly fee. USi's full range of services allow companies to quickly
deploy enterprise applications without the associated cost and burden of
owning, managing or supporting the applications or underlying
infrastructure. My responsibilities and accomplishments included, but
were not limited to, the following:
? Designed network architectures that allow for enterprise wide
Intrusion Detection on switched or redundant networks while minimizing
cost by 75%. (See Papers)
? Designed and developed the security policy for Intrusion
Detection systems across a worldwide network.
? Integrated Intrusion Detection alerts into the current Tivoli
network management infrastructure.
? Designed, developed, and maintained a system that consolidates
all Intrusion Detection log and alert information from different
commercial platforms including Firewall data, into one SQL database for
event correlation and real time analysis.
? Developed a GUI console to view Intrusion Detection data from
different commercial products in a real time format.
? Developed a web interface to allow different customers in a
managed service with their servers located on the same logical network to
view only their Intrusion Detection data in a real time format.
? Provided 3rd level support to a 24x7x365 operations staff.
? Conducted security reviews of in house developed applications.
? Conducted network security tests against USi networks to identify
and mitigate security vulnerabilities.
? Developed and maintained operating system security hardening
documents.
? Internet Senior Security Specialist/Consultant, Internet Security
Systems (ISS), 11/97 ? 08/98
Internet Security Systems, Inc. (NASDAQ: ISSX), is the pioneer and
leading supplier of adaptive security management systems, providing
enterprise-wide information protection software. ISS is also a worldwide
innovator of security solutions designed to augment the security
performance of existing systems by complementing security safeguards such
as firewalls, authentication and encryption. My responsibilities
included, but were not limited to, the following:
? Designed, developed and managed the 2nd generation training
department and coursework.
? Provided consulting nationally in the field of network security
for a wide range of industries, including financial, telecommunications,
manufacturing, and government agencies.
? Working closely with clients on implementing intrusion detection
systems (RealSecure) into a current infrastructure.
? Developing standards and processes in regards to intrusion
detection being deployed over a wide are network (WAN).
? Working closely with clients on strategically conducting
penetration tests against their networks using Internet Scanner.
? Conducting enterprise security audits and evaluations plus
network security vulnerability assessment projects.
? Producing security reports for technical to upper management
level clients, which present security vulnerability findings.
? Developing database tools to assist in streamlining customized
reports for clients.
? Conducting ?pilot programs? for customers to help show the
effectiveness of security measures on their networks.
? Developing certified courseware for the entire ISS product suite.
? Developing test labs to be used at corporate headquarters.
? Working closely with X-Force (R&D) to assist in maintaining ISS?s
awareness of new security threats and vulnerabilities.
? Computer/Internet security specialist, United States Navy FIWC
(Fleet Information Warfare Center), 2/96 ? 10/97
The NAVCIRT (Naval Computer Incident Response Team) is a subdivision of
FIWC and is responsible for providing assistance and support to the U.S
Naval fleet in all events of information warfare. My duties as a
security specialist include the following:
? Configuring Sun SPARC workstations as network intrusion detection
systems developed by Lawrence-Livermore Labs.
? Training naval personnel to install, configure, use and monitor
intrusion detection systems.
? Researching vulnerabilities for a wide variety of operating
systems and software.
? Performing on-line surveys of remote systems to determine
vulnerabilities.
? Developing Graphical User Interfaces (GUI) to assist end-users in
the speed and accuracy of delivering vulnerability reports to customers.
? Delivering non-technical, yet explanatory briefs to high-ranking
personnel concerning the potential impact of found vulnerabilities.
? Assisting technicians and system administrators in repairing
found vulnerabilities.
? Developed standard operating procedures concerning the execution
of on-line surveys for naval systems.
? Maintaining a database of virus infections for use by end-users
to assist in repairing damage as well as determining trends.
? Examining viruses written in Assembly, C, WordBasic and Visual
Basic to determine method of infection and simplify detection.
? Assisted as a consultant to Naval Criminal Investigative
Service/Federal Bureau of Investigation personnel during the
investigation of computer crime incidents.
? Given presentations to investigative audiences from agencies such
as the Department of Justice and National Security Agency,
concerning "hacker profiling" and what steps to take in tracking such an
individual.
? Assistant Automated Data Processing Security Officer, VAW-124,
9/94 - 2/96VAW-124 is a carrier based early warning squadron. My duties
included the following:
? Maintaining a current and accurate list of all registered
software and hardware within the squadron.
? Maintaining configuration control and electronic/physical
security of sixty personal computers.
? Troubleshooting and repair of these systems.
? Implemented an Intranet based e-mail system.
COMMUNITY INVOLVEMENT
Along with mentoring several of the industry?s brightest security
experts, I also serve as a current member of the CVE Editorial board.
? http://cve.mitre.org
Regarding the fields of Emergence and Stratification Theory I am a
founding member of the Behavioral Computational Neuroscience Group
? http://www.bcngroup.org
PRESS ACTIVITY
? January 14, 2000 Info World "$12.1 billion reportedly spent to
ward off computer viruses in 1999"
? December 28, 1999 Info World
? December 13, 1999 front cover of Info World
? December 10, 1999 Voice Interview on InternetNewsRadio.com
(Available upon request)
PAPERS
? Intrusion Detection: Deploying the Shomiti Century Tap
http://online.securityfocus.com/library/3023
? How-To Guide: Implementing a Network Based Intrusion Detection
System in a Switched Environment
http://www.cis.udel.edu/~zhi/www.docshow.net/ids/switched.zip
REMOTE WORK
? I have worked in a 100% remote capacity for four years.
COMPUTER SKILLS
? OPERATING SYSTEMS - UNIX(Sun OS 4.1.x, IRIX 6.x, Solaris 2.6, 7 &
8, AIX, BSD, and HP-UX), Linux (Debian, Redhat) Windows 2000/XP, Windows
NT 4.0, Windows 95, Windows98, Windows for Workgroups 3.11, Windows 3.1,
XWindows, FVWM, Openview, HP-VUE, DOS 6.2, CPM and Novell
? Programming Experience - Perl, JAVA, C, C++, Visual C++, Visual
Basic, VBA, VBScript, sh, csh, ksh, bash, ColdFusion, sed, awk, Expect,
HTML, CGI, PHP, ASP, XML, BASIC, SQL, BEEP, Motorolla 6502 Assembly.
Posix Regular Expressions, Task Automation, Socket Programming, Protocol
Emulation, Network Scanners, Database Design and Access, Data
Normalization and Analysis, Intrusion Detection Systems (IDS),Third Party
Integration, Role-based Authentication, OpenSSL.
? Protocols ? HTTP, SMTP, Telnet, POP, SSH, FTP, DNS, NNTP, SNMP,
TCP/IP
? SOFTWARE ? All Major IDS (ISS Real Secure/Site Protector,
Intrusion.com, Cisco Netranger, Dragon, NFR, Snort, ASIM, Shadow),
Scanners (ISS Scanner, NAI Cybercop, nmap, nessus, and home grown tools)
Virus(Symantec, Trend Micro, McAfee), Firewall (Checkpoint, Gauntlet,
Pix, Raptor, IPTables) , Security Event Managers ( e-Security,
Intellitactics), Server protocols and Applications (IIS, Apache,
Sendmail, True North, Netscape Enterprise), Databases (Oracle, MS
SqlServer, MySQL, Access, Dbase), Graphical design suite (Flash,
Fireworks, Photoshop, Visio, Powerpoint, etc)
? HARDWARE ? Network Appliance file server, Sun SPARC Workstations,
HP-UX based platforms, SGI and Personal Computers, CISCO routers and
switches, Covad routers, bay routers, Shomiti Taps.
EDUCATION
July 1991 Graduated Tri-Village High School, New Madison OH
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Disclaimer: There is no "fluff" in this resume
Jimmy L. Alderson
Address Available on Request
678-591-2532 (HOME)
jimmy (at) digitalguardian (dot) net [email concealed] (E-MAIL)
OBJECTIVE
To continue to manage the design of security event correlation engines
using cutting edge technology and theories in the information security
space in order to provide analysis solutions to enterprise wide problems
caused by volumes of disparate security data.
EXPERIENCE
? Senior Security Engineer, MSSP, (CSC) 01/03 ?05/03 (CONTRACT)
CSC specializes in outsourced network security solutions for large
government agencies and commercial corporations. CSC provides 24x7x365
monitoring/analysis capability along with Incident Response assistance.
I joined CSC's MSSP organization in an attempt to check the pulse of the
industry which is the consumer of Security Event Management products. My
responsibilities and accomplishments included but were not limited to,
the following:
? Developed the training curriculum for new security monitors and
analysts (Tier 1 and 2 respectively).
? Designed and developed a network architecture composed of
several ?home-grown? products to affect a correlation capacity internal
to and between client data feeds.
? Designed and developed scripts to automate report generation.
? Performed Tier 3 level analysis of security events and trending
analysis for client networks.
? Mentoring of monitors and analysts.
? Account management of service subscribers
? Director, Satellite Labs, eSecurity, Inc., 04/00 ? 12/02
eSecurity is a software company that provides a Security Event Management
enterprise application. Having had written one for USInternetworking, I
felt this a perfect fit. Satellite Labs is the six person R&D arm of
security professionals responsible for researching, designing, and in
some cases developing new product angles. SatLabs served as a internal
consulting arm to the CTO, Product Management, and Development teams. My
responsibilities and accomplishments included, but were not limited to,
the following:
? Direct support to the CTO in the areas of Secuity Event Analysis
and Event Correlation.
? Direct support to the Product Management team in the areas of
Secuity Event Analysis and Event Correlation.
? Direct support to the Development team in the areas of Security
Event Analysis and Event Correlation.
? Researched and designed algorithms for detecting emergent
patterns in network event data.
? Researched and designed algorithms for performing memetic
surveillance of network events to allow for predictive analysis.
? Assisted in the design of the communications mechanism for e-
Sentinel 4.0.
? Designed a security event automatic analysis process for e-
Sentinel 4.0.
? Designed and developed the e-Security Advisor. This system
brings data from Security Focus into a form where the linkages between
attack code and vulnerability code can be leveraged to allow for better
correlation of potential risk during post-analytical reports as well as
real-time.
? Designed and developed a Time Based Event Correlation Engine that
utilizes polymorphic pattern matching (This is commercially known as Real
Time Alert Correlator RTAC®).
? Designed and developed API for the RTAC® to enable the ability to
access it as an object programmatically.
? Designed and developed the ability for the RTAC® to utilize
configuration files to allow for the addition or subtraction of features
without a development effort.
? Designed and developed a standard for Agent development that
enables the normalization of data from disparate vendors and applications
into a standard format or meta data.
? Designed and developed a data parsing engine to parse the afore
mentioned meta data into an Oracle DB.
? Designed and developed a shell based wrappers like authentication
script.
? Designing and Developing agents that reside remotely and monitor
security based products for current information.
? Project Team lead and mentor for several design and development
efforts.
? Spending time on customer sites to ensure the technical success
of product sales.
? Director, Centers of Excellence, META Security Group (METASES),
03/99 ? 04/00
META Security Group (an affiliate of META Group Analyst Firm) offers
security consulting services and hands-on operational support services
including threats and vulnerability assessments, policy and standards
development, network monitoring services and technical research and
development. My responsibilities and accomplishments included, but were
not limited to, the following:
? Director of the Center of Excellence for Network Monitoring and
Intrusion Detection.
? Developing standards and processes in regards to intrusion
detection being deployed over a wide area network (WAN). These processes
drastically reduce the Total Cost of Ownership (TOC) of any commercial or
opensource Intrusion Detection System.
http://online.securityfocus.com/library/3023
? Director of Emerging Technologies (R and D).
? Designed and Developed Business Case/Technical Specs for
automated delivery of vulnerability issues and solutions to clients based
on their current infrastructure requirements (This project was
productized and is still being sold).
? Researched and developed new vulnerabilities as they relate to
computer and network security.
? Project Manager for national consulting in the field of network
security for a wide range of industries, including financial,
telecommunications, manufacturing, and government agencies.
? Managed the technical and logistical support of consultants in
the field.
? Managed, developed, and implemented the training of new
consultants in regards to network security.
? Conducted Security reviews of clients' perimeters and internal
networks.
? Senior Security Analyst, USInternetworking (USI), 08/98 ? 03/99
USinternetworking Inc. (NASDAQ: USIX) is the leading Application Service
Provider (ASP), outsourcing business applications over the Internet for a
flat monthly fee. USi's full range of services allow companies to quickly
deploy enterprise applications without the associated cost and burden of
owning, managing or supporting the applications or underlying
infrastructure. My responsibilities and accomplishments included, but
were not limited to, the following:
? Designed network architectures that allow for enterprise wide
Intrusion Detection on switched or redundant networks while minimizing
cost by 75%. (See Papers)
? Designed and developed the security policy for Intrusion
Detection systems across a worldwide network.
? Integrated Intrusion Detection alerts into the current Tivoli
network management infrastructure.
? Designed, developed, and maintained a system that consolidates
all Intrusion Detection log and alert information from different
commercial platforms including Firewall data, into one SQL database for
event correlation and real time analysis.
? Developed a GUI console to view Intrusion Detection data from
different commercial products in a real time format.
? Developed a web interface to allow different customers in a
managed service with their servers located on the same logical network to
view only their Intrusion Detection data in a real time format.
? Provided 3rd level support to a 24x7x365 operations staff.
? Conducted security reviews of in house developed applications.
? Conducted network security tests against USi networks to identify
and mitigate security vulnerabilities.
? Developed and maintained operating system security hardening
documents.
? Internet Senior Security Specialist/Consultant, Internet Security
Systems (ISS), 11/97 ? 08/98
Internet Security Systems, Inc. (NASDAQ: ISSX), is the pioneer and
leading supplier of adaptive security management systems, providing
enterprise-wide information protection software. ISS is also a worldwide
innovator of security solutions designed to augment the security
performance of existing systems by complementing security safeguards such
as firewalls, authentication and encryption. My responsibilities
included, but were not limited to, the following:
? Designed, developed and managed the 2nd generation training
department and coursework.
? Provided consulting nationally in the field of network security
for a wide range of industries, including financial, telecommunications,
manufacturing, and government agencies.
? Working closely with clients on implementing intrusion detection
systems (RealSecure) into a current infrastructure.
? Developing standards and processes in regards to intrusion
detection being deployed over a wide are network (WAN).
? Working closely with clients on strategically conducting
penetration tests against their networks using Internet Scanner.
? Conducting enterprise security audits and evaluations plus
network security vulnerability assessment projects.
? Producing security reports for technical to upper management
level clients, which present security vulnerability findings.
? Developing database tools to assist in streamlining customized
reports for clients.
? Conducting ?pilot programs? for customers to help show the
effectiveness of security measures on their networks.
? Developing certified courseware for the entire ISS product suite.
? Developing test labs to be used at corporate headquarters.
? Working closely with X-Force (R&D) to assist in maintaining ISS?s
awareness of new security threats and vulnerabilities.
? Computer/Internet security specialist, United States Navy FIWC
(Fleet Information Warfare Center), 2/96 ? 10/97
The NAVCIRT (Naval Computer Incident Response Team) is a subdivision of
FIWC and is responsible for providing assistance and support to the U.S
Naval fleet in all events of information warfare. My duties as a
security specialist include the following:
? Configuring Sun SPARC workstations as network intrusion detection
systems developed by Lawrence-Livermore Labs.
? Training naval personnel to install, configure, use and monitor
intrusion detection systems.
? Researching vulnerabilities for a wide variety of operating
systems and software.
? Performing on-line surveys of remote systems to determine
vulnerabilities.
? Developing Graphical User Interfaces (GUI) to assist end-users in
the speed and accuracy of delivering vulnerability reports to customers.
? Delivering non-technical, yet explanatory briefs to high-ranking
personnel concerning the potential impact of found vulnerabilities.
? Assisting technicians and system administrators in repairing
found vulnerabilities.
? Developed standard operating procedures concerning the execution
of on-line surveys for naval systems.
? Maintaining a database of virus infections for use by end-users
to assist in repairing damage as well as determining trends.
? Examining viruses written in Assembly, C, WordBasic and Visual
Basic to determine method of infection and simplify detection.
? Assisted as a consultant to Naval Criminal Investigative
Service/Federal Bureau of Investigation personnel during the
investigation of computer crime incidents.
? Given presentations to investigative audiences from agencies such
as the Department of Justice and National Security Agency,
concerning "hacker profiling" and what steps to take in tracking such an
individual.
? Assistant Automated Data Processing Security Officer, VAW-124,
9/94 - 2/96VAW-124 is a carrier based early warning squadron. My duties
included the following:
? Maintaining a current and accurate list of all registered
software and hardware within the squadron.
? Maintaining configuration control and electronic/physical
security of sixty personal computers.
? Troubleshooting and repair of these systems.
? Implemented an Intranet based e-mail system.
COMMUNITY INVOLVEMENT
Along with mentoring several of the industry?s brightest security
experts, I also serve as a current member of the CVE Editorial board.
? http://cve.mitre.org
Regarding the fields of Emergence and Stratification Theory I am a
founding member of the Behavioral Computational Neuroscience Group
? http://www.bcngroup.org
PRESS ACTIVITY
? January 14, 2000 Info World "$12.1 billion reportedly spent to
ward off computer viruses in 1999"
? December 28, 1999 Info World
? December 13, 1999 front cover of Info World
? December 10, 1999 Voice Interview on InternetNewsRadio.com
(Available upon request)
PAPERS
? Intrusion Detection: Deploying the Shomiti Century Tap
http://online.securityfocus.com/library/3023
? How-To Guide: Implementing a Network Based Intrusion Detection
System in a Switched Environment
http://www.cis.udel.edu/~zhi/www.docshow.net/ids/switched.zip
REMOTE WORK
? I have worked in a 100% remote capacity for four years.
COMPUTER SKILLS
? OPERATING SYSTEMS - UNIX(Sun OS 4.1.x, IRIX 6.x, Solaris 2.6, 7 &
8, AIX, BSD, and HP-UX), Linux (Debian, Redhat) Windows 2000/XP, Windows
NT 4.0, Windows 95, Windows98, Windows for Workgroups 3.11, Windows 3.1,
XWindows, FVWM, Openview, HP-VUE, DOS 6.2, CPM and Novell
? Programming Experience - Perl, JAVA, C, C++, Visual C++, Visual
Basic, VBA, VBScript, sh, csh, ksh, bash, ColdFusion, sed, awk, Expect,
HTML, CGI, PHP, ASP, XML, BASIC, SQL, BEEP, Motorolla 6502 Assembly.
Posix Regular Expressions, Task Automation, Socket Programming, Protocol
Emulation, Network Scanners, Database Design and Access, Data
Normalization and Analysis, Intrusion Detection Systems (IDS),Third Party
Integration, Role-based Authentication, OpenSSL.
? Protocols ? HTTP, SMTP, Telnet, POP, SSH, FTP, DNS, NNTP, SNMP,
TCP/IP
? SOFTWARE ? All Major IDS (ISS Real Secure/Site Protector,
Intrusion.com, Cisco Netranger, Dragon, NFR, Snort, ASIM, Shadow),
Scanners (ISS Scanner, NAI Cybercop, nmap, nessus, and home grown tools)
Virus(Symantec, Trend Micro, McAfee), Firewall (Checkpoint, Gauntlet,
Pix, Raptor, IPTables) , Security Event Managers ( e-Security,
Intellitactics), Server protocols and Applications (IIS, Apache,
Sendmail, True North, Netscape Enterprise), Databases (Oracle, MS
SqlServer, MySQL, Access, Dbase), Graphical design suite (Flash,
Fireworks, Photoshop, Visio, Powerpoint, etc)
? HARDWARE ? Network Appliance file server, Sun SPARC Workstations,
HP-UX based platforms, SGI and Personal Computers, CISCO routers and
switches, Covad routers, bay routers, Shomiti Taps.
EDUCATION
July 1991 Graduated Tri-Village High School, New Madison OH
[ reply ]