Where This Started I'm working the queue when CrowdStrike Falcon lights up with a high-severity detection: Defense Evasion via Masquerading. That gets your attention. Masquerading means something is pretending to be something it's not — a binary running from the wrong path, a process name that doesn&
CQB was invented for one purpose: saving hostages. The tactics got passed down across military and law enforcement for fifty years — but the "why" behind them didn't, and that gap is shaping how we think about risk, speed, and what winning actually looks like.
Let's Get Real About SANS Exams After nine SANS certifications, I've figured out what works (and what doesn't) for actually passing these things. Everyone's got their own method, but here's mine - the one that's consistently gotten me
Or: How a malicious Chrome extension investigation at work led to an open-source tool The Extension That Started It All A few months back, I was working on a security investigation at work. We had hundreds of blocked requests in our logs, all beaconing to what Zscaler flagged as a
Note: This is the real story - not the sanitized LinkedIn version. So I Just Started My First Job in Cybersecurity A few months ago (March 2025) I started as a Tier 1 SOC Analyst with Leidos on the CISA contract. After years of building, learning, and honestly questioning if
