My Writing
- Tools: Tips for Converting Shellcode to x86 Assembly. Two tools help analysts convert shellcode found in exploits or malicious documents into readable x86 assembly: ConvertShellcode.exe disassembles shellcode strings immediately, while shellcode2exe.py...
- Training: Introduction to Malware Analysis - Free Recorded Webcast
- Tools: More Than a Hammer: Expanding the Information Security Toolbox. Security programs over-focus on networks and systems because infrastructure is most practitioners' background. The toolbox needs domain expertise in business functions, data analytics for measuring...
- Leadership: Presentations, Webcasts and Speaking Engagements
- Authentication: Critical Log Review Checklist for Security Incidents. This checklist covers log review for incident response and routine monitoring: copy logs centrally, minimize noise by removing benign entries, verify timestamps, focus on changes and failures, work...
- Cheat Sheets: Security Incident Survey Cheat Sheet for Server Administrators. This cheat sheet helps server administrators examine suspect systems to decide whether to escalate for incident response. Avoid actions that access many files; look at logs, network connections,...