My Writing

• Social Engineering How to Send Customer Emails That Don't Look Like Phishing
  Many legitimate business emails look indistinguishable from phishing attempts, training customers to accept fraudulent messages. Secure customer messages should avoid deep links, come from validated...
• Malware How Would You Detect and Impede Ransomware on an Endpoint?
  Anti-ransomware tools can detect malicious encryption by flagging processes that read or write too many files too quickly, or by monitoring for changes to files' entropy values. Decoy files that...
• Cloud Run Metasploit Framework as a Docker Container Without Installation Pains
  Running Metasploit Framework in a Docker container avoids the pain of installing the tool and its dependencies. The approach is especially useful for quickly deploying to a cloud server for...
• Cloud How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions
  Honeytokens are data or computing resources that exist solely to alert you when someone accesses them, offering intrusion detection with relatively low false positives. The open source Canarytokens...
• Product Management A Product Management Framework for Creating Security Products
  Building a security product requires answering fundamental questions about market segmentation, product capabilities, sales engagement, pricing, and delivery. A lightweight framework that poses these...
• Malware Analysis How to Share Malware Samples With Other Researchers
  Sharing malware samples with other researchers requires password-protecting archives with passwords like "infected" or "malware" to get past antivirus scanners. Using the 7-Zip format with encrypted...