eCPPT stands for eLearnSecurity Certified Professional Penetration Tester. Now, I’m very much a blue teamer, but the purpose for me to pursue this certification was to learn attackers’ tactics and techniques. I wanted to be able to more quickly identify an attacker in an environment and also understand the attacker’s next step. I didn’t pursue…

Working In The Security Field With Learning Disabilities
It was my junior year of high school and I had no plans on what I wanted to do after school, either for work or college. One day I had a meeting with the school counselor, some teachers, and my mom to figure it out. I don’t recall much from the meeting but the counselor…

First Rule Of Security Club Is You Don’t Talk About Security Club
Training: it’s one of the best investments for yourself or a team. Even though it’s super important, I often see training not making that big of an impact on employees. They might get that new certification or complete a course, but have they changed? Has the TEAM grown? In some cases they have, but not…

It’s Not The Tools That You Should Have Faith In.
Above is a great tweet by @varcharr asking a very simple question, but engaging quite a few people. The answers to this tweet astonished me; I truly didn’t know there were so many options to choose from. People said things like elasticsearch, splunk, qradar, rapid7, ELK, AlienVault, Security Onion, LogRhythm, Solarwinds, Elastic SIEM, NetWitness, Azure…

Just Say No To SANS
In a previous article I talked about all the money that I’ve invested into myself over the years. I have a saying, “I won’t ask a company to pay for something that I’m not willing to pay for myself,” and one of the things I would never ask a company to pay for is a…

Blue Team Level 2 (BTL2) – Review Part 1
3/21/22 This review will be an ongoing, living review. As I write this review, the platform has jumped to a new interface. Two labs are still “coming soon,” and the estimated date for the exam to be available is at the end of March. I’m doing a “living” review because Blue Team Level 2 has…

Practical Malware Analysis & Triage – Review
I wanted to do a quick review on this course to give some initial thoughts. I want to say I’m only familiar with Matt Kiely aka HuskyHacks due to his blog for the eCPPT. https://huskyhacks.dev/2020/04/24/elsptp/. I enjoyed his other blog posts and ended up following him on twitter https://twitter.com/HuskyHacksMK which is how I became aware…

Squeezing The Most Out Of Security Conferences
Security conferences, to me, are all but one thing… networking events. This wasn’t always the case. In the early years of my security career, conferences were a way to learn about new technology, what people were doing, issues companies faced, and maybe take a few tips back to the office. I attended all the talks I…

Mergers, Affiliations, and Acquisitions, Oh My!
In the past, when I saw a headline of a new merger, affiliation, or acquisition, I thought of it as exciting news but didn’t put much thought beyond that. Now, having gone through a couple of them, I know that for the people involved it could be life-changing, for better or worse. I’ve been in three…

Bill Walsh: The Score Takes Care Of Itself – Book Review
This book was so good that I bought a physical copy. The Audible version wasn’t cutting it for all the bookmarks and notes I wanted to take while reading. I believe the book has a little bit of everything, from his struggles early on and how he built a team, to the burnout he felt…

A Puzzle Challenges The Player To Get From A Problem To A Solution
When working with alerts, I notice that analysts sometimes have the immediate reaction to reach out to somebody else to have them answer it. I’ll hear, “Well, I’ll ask this person about that system” or “This person would be a good resource to ask about that traffic.” There’s a time and place for such questions,…

Fixed: How to Perfect the Fine Art of Problem Solving – Book Review
With this book, I didn’t expect it to be as relatable for an analyst but maybe more geared towards an engineering, architect, or even manager role. So my expectations weren’t for this to be like her previous book Visual Intelligence: Sharpen Your Perception, Change Your Life, where I could directly relate most of it for an…