Writing
All articles
Notes on product strategy, enterprise security, and the messy place between them.
- Product Strategy
6-Step Blueprint for a Winning Product Strategy
A GPS for guiding product development and launch with finesse in the business world.
- Security
5 Insider Threats Your Company is Overlooking
The threats that bypass your perimeter because they're already inside it.
- Technical
How I Automate Authenticated API Security Testing
Automating DAST for service APIs as part of the security testing pipeline.
- Web3
Register and Prosper with Web3 Domains
Exploring the emerging opportunity in Web3 domain registration.
- Security
Common Ransomware Delivery and Cost Effective Proactive Defense
How good cyber hygiene and best practices in security controls go a long way in defending against ransomware.
- Security
Deconstructing the Ransomware Kill Chain
Ransomware is noisy malware — its kill chain presents multiple opportunities for network defenders.
- Career
CISSP: Mile Long, Inch Deep
Reflections on passing the CISSP exam and what the certification actually prepares you for.
- Technical
Tunnel Traffic Through Jump Host
Tunnel traffic through a compromised jump host to reach otherwise unreachable internal networks or hosts.
- Technical
Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020-9484)
A niche condition to trigger remote code execution via deserialization on Apache Tomcat.
- Technical
HTB Buff — Writeup
Buff is a Windows machine rated Easy on HackTheBox — webshells, file transfers and SSH tunnel port forwarding.