a bad outlook

I strongly believe in the importance of approaching security from both a proactive and pragmatic perspective. Compliance and policy focused security, while it may promote the enforcement of some valuable controls, tends to stagnate and create a bloated security program that is fraught with misprioritisation. Too often it leads security teams to be so caught up in working from checklists that they overlook threats that are unique to their organisation. This begs the question; how does one go about adopting an approach that addresses these shortcomings?


Continue reading “a bad outlook”

building the rats nest

This short and sweet blog post will cover some recent additions to my Malware Hunting repo.


A good part of my (spare) time over the past few months has been devoted to constantly building upon my BSides Wellington talk, which – because I like to practice what I preach (and only preach what I truly believe in) – has also involved rolling out a good deal of the content of the talk to my workplace network… the defensive measures that is, not the malware. All I can say is Bro + Critical Stack Intel Client + ELK = badass!

Continue reading “building the rats nest”