Blog

My writing focuses on information security, with topics ranging from broad IT trends to detailed technical advice on malware. Scroll through the posts to see whether my interests overlap with yours. Follow this blog to keep up with my latest publications.

Learning Malware Analysis and Cybersecurity Writing Online

You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You’ll like this if you prefer to start, stop, or speed up training any time they…

How to Set Up a SpiderFoot Server for OSINT Research

SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool’s author, offers a free, open source version of SpiderFoot. His team also provides an affordable…

What’s It Like for a New CISO?

As of this writing, I’ve spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly growing technology company. Though I’ve held a variety of leadership positions over the years, working in this capacity and setting is new for me. I’ve been capturing aspects of my journey in talks and…

Top 10 Cybersecurity Writing Mistakes

Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes I’ve encountered when working as a cybersecurity professional. The mistakes you’ll see in this video—and the practical tips for avoiding them—span the key aspects of technical writing: structure, look, words, tone, and…

The State of Malware Analysis: Advice from the Trenches

What malware analysis approaches work well? Which don’t? How are the tools and methodologies evolving? The following discussion–captured as an MP3 audio file–offers friendly advice from 5 malware analysts. These are some of the practitioners who teach the reverse-engineering malware course (FOR610) at SANS Institute: Jim Clausing: Security Architect at AT&T and Internet Storm Center…

Joining Axonius to Tackle Cybersecurity Asset Management

I’m drawn to large-scale problems, I guess: At the onset of cloud computing, I was helping companies benefit from cloud economics without undue risks. Later, I switched to protecting data at numerous retail businesses that thought they couldn’t afford security. Next, I focused on stopping a seemingly endless stream of malware designed to bypass endpoint…

Cybersecurity Advice for Political Campaigns

Political campaigns are targets of cybercriminals and nation-state adversaries, who possess formidable persistence and expertise. Yet, campaign participants can resist these malicious actors by taking specific proactive steps and practicing ongoing vigilance. This article suggests such measures based on the attacks observed in recent years. If you’re participating in a political campaign, the best publicly…

How to Get and Set Up a Free Windows VM for Malware Analysis

If you’d like to start experimenting with malware analysis in your own lab, here’s how to download and set up a free Windows virtual machine: Step 1: Install Virtualization Software Step 2: Get a Windows Virtual Machine Step 3: Update the VM and Install Malware Analysis Tools Step 4: Isolate the Analysis VM and Disable…

A Cybersecurity Writing Course for You

My new writing course for cybersecurity professionals teaches how to write better reports, emails, and other content we regularly create. It captures my experience of writing in the field for over two decades and incorporates insights from other community members. It’s a course I wish I could’ve attended when I needed to improve my own…

The Language and Nature of Fileless Attacks Over Time

The language of cybersecurity evolves in step with changes in attack and defense tactics. You can get a sense for such dynamics by examining the term fileless. It fascinates me not only because of its relevance to malware—which is one of my passions—but also because of its knack for agitating many security practitioners. I traced the…