I’m fascinated by the impact that individuals and teams can have on the dynamics between IT defenders and online threat actors. The industry is still relatively immature, and even small efforts can make a big difference.
Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for...Read more
You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending...Read more
SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail...Read more
As of this writing, I've spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly...Read more
Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes...Read more
What malware analysis approaches work well? Which don't? How are the tools and methodologies evolving? The following...Read more
I'm drawn to large-scale problems, I guess:At the onset of cloud computing, I was helping companies benefit from cloud...Read more
Political campaigns are targets of cybercriminals and nation-state adversaries, who possess formidable persistence and...Read more
My new writing course for cybersecurity professionals teaches how to write better reports, emails, and other content we...Read more
The language of cybersecurity evolves in step with changes in attack and defense tactics. You can get a sense for such...Read more