Welcome to my blog!
This blog will be a logbook for my interests, research and endeavors in the Information Security realm. Topics will vary, but the overall focus will combine offensive and defensive tactics to secure assets.
I am not looking to get into a red team vs. blue team debate here, because I feel that both sides are necessary in security. The content of this blog will take a holistic view that concentrates on multiple facets of this complicated but rewarding field.
Anyone who knows me knows that I love a good analogy, and I have found that an effective analogy for securing a network is like securing a home. You can have multiple layers of security in place already, but you still need to verify that the doors are locked.
The purpose of this blog is to provide a forum to discuss implementations for various security controls and testing them accordingly.
The content of this blog will vary based on my latest interests, but will include these general topics: Implementing security controls and services to harden a application, system or network. Analyzing popular attack patterns and attacker methods. Tools and techniques for conducting network and application assessments. Reviews of training and certifications. Secure usage of popular services and products.
Obligatory Disclaimer 1: The content and views in this blog are my own and do not reflect the ideas of my employers - past or present.
Obligatory Disclaimer 2: Any actions and or activities related to the material contained within this blog are solely your responsibility. The misuse of information within this website can result in criminal charges brought against the persons in question. The author will not be held responsible in the event of any criminal charges brought against any individuals misusing the information from this website to break the law. The offensive tactics demonstrated in this blog are only to be performed against assets that the reader owns or has received written authorization to test.
Thanks for reading!