Now that I’m out of the acute new-person phase I am trying to make time to reflect on this first year and some of the…
I had never heard a hacker talk about the things Tom Hudson (TomNomNom) talked about in his discussion with Peter Jaworski (of Shopify). Failure, depression,…
I have developed a bit of an obsession with Hack the Box as of late. Over the past few weeks, I’ve completed seven boxes, climbing…
This post walks through an iterative approach to moving your organization’s Microsoft environment to modern authentication and away from legacy (aka basic) authentication. Legacy authentication…
Are we not like the credit ratings agencies? We are paid by a company to rate something they own or have created. Michael Lewis had…
Identity proofing is key to starting the relationship between a user and your digital service. This is the “Before we start, I’ll need some information…
Last month I wrote and passed the Microsoft Azure Security Technologies exam, which makes me an Azure Security Engineer Associate. I’d been meaning to do…
There is a certain discipline and creativity that comes from having to spend your own money. This post summarizes some tips and tricks for those…
Are vendors doing the right thing when they patch systems that are out of support? Or are they allowing customers to shirk their responsibilities? The…
It is easy to get lost in lengthy checklists and spreadsheets during a cybersecurity risk assessment. While the detailed checking of vulnerabilities and safeguards is…