- 2026-05-20 The worms will continue until the ecosystem improves [↗]
- 2026-04-30 Building an AI App on Azure: What I Actually Learned [↗]
- 2026-04-22 Mythos Zero Days Aren't the Real Problem [↗]
- 2026-04-20 Your Google Workspace Has Hundreds of OAuth Grants. Do You Know What They Can Do? [↗]
- 2026-03-24 Supply chain attack alert: LiteLLM 1.82.8 is compromised. [↗]
- 2025-03-04 You’ve got Mail (and Misdirected Funds): A live demo of email hacking [↗]
- 2025-03-04 Your Free Email Might Be Pretty Expensive in a Data Breach [↗]
- 2025-03-04 Threat Alert! How to Check and Secure your Google, Microsoft, and Apple Accounts [↗]
- 2025-03-04 Easy Playbooks to Make Ransomware Criminals Cry [↗]
- 2018-02-14 Parse FortiGate rules into CSV using PowerShell
- 2016-02-16 Verify your downloads with Certutil
- 2015-07-22 Invalid option ‘6’ for /langversion; must be ISO-1, ISO-2, 3, 4, 5 or Default
- 2015-07-22 Chunked uploads for .NET
- 2015-07-20 Easy IIS SSL Hardening
- 2015-01-19 GridView paging firing select event inside UpdatePanel
- 2014-12-17 Alienvault warning “asset logs are not being processed”
- 2014-07-18 Barbecue Pork
Speeches
-
You’ve got Mail (and Misdirected Funds): A live demo of email hacking
— CypherCon 2023 (2023-03-31)
A live demo of financial crime committed via email hacking.
Presentations
-
Easy Playbooks to Make Ransomware Criminals Cry
— Blue Team Con 2022 (2022-08-28)
An introduction to basic ransomware operator tactics to defend against, including attack vectors, prevention, and response. -
The Wild West of Shift Left: Your New Vulnerability Management Posse
— Deep608 Conference 2024 (2024-03-29)
It can be a very tough navigating all the acronyms and product categories involved in appsec, but it's definitely possible to find a good combination of tools that work together to improve your security posture!
Papers
-
A New Needle and Haystack: Detecting DNS over HTTPS Usage
— SANS Reading Room (2019-09-10)
Encrypted DNS technologies such as DNS over HTTPS (DoH) give users new means to protect privacy while using the Internet. Organizations will face new obstacles for monitoring network traffic on their networks as users attempt to use encrypted DNS. -
Fight or Flight: Moving Small and Medium Businesses into the Cloud During a Major Incident
— SANS Reading Room (2020-08-30)
Incident responders often aid small and medium businesses (SMB) during crippling cyberattacks that cause outages of critical systems. This research examines the feasibility thereof and discusses the challenges that organizations may face with rapid cloud migration, including software compatibility and insurance requirements.
I am an IT professional with experience in security, auditing, development, system administration, and project management.
My professional experience is listed on LinkedIn.
WASD or arrow keys to move