Your Money or Your Data: Ransomware Readiness Planning

The Willy Wonka World of Application Security Defenses

One doesn’t have to be a magician to understand how to track the hundreds, if not thousands, of ...

Read More

The Bug Stops Here: Using DevSecOps Workflows for Pest-Free Applications

Developers and cybersecurity have an interesting relationship. Developers have no problem with ...

Read More

The Art of Deception: Turning the Tables on Attackers with Active Defenses

Once an attacker enters your network, one of their first actions will be to try and hide their ...

Read More

Sentinels of Ex Machina: Defending AI Architectures

The introduction, adoption, and quick evolution of generative AI has raised multiple questions ...

Read More

Knowing your Enemy: Situational Awareness in Cyber Defenses

Most homeowners know that a lock is a good idea as a basic defense against invaders, and leaving ...

Read More

Cloudy with a Chance of Hackers: Protecting Critical Cloud Workloads

If you've been following along with David's posts, you'll have noticed a structure to the topics: ...

Read More

Tips for Optimizing Your Security Operations Framework

Building an effective Security Operations framework that provides the right balance of people, ...

Read More

The Underdog of Cybersecurity: Uncovering Hidden Value in Threat Intelligence

Threat Intelligence, or just TI, is sometimes criticized for possibly being inaccurate or outdated. ...

Read More

Clockwork Blue: Automating Security Defenses with SOAR and AI

It’s impractical to operate security operations alone, using manual human processes. Finding ...

Read More

Scanning the Matrix: SIEM Best Practices

(A thought from The Matrix: Neo likely used a SIEM before he took the red pill and could see the ...

Read More

Secure Access Service Edge: Another Multi-Tool for the SOC

Over the years, several security defense architectures have merged into a single solution. Endpoint ...

Read More

The Sentinel’s Watch: Building a Security Reporting Framework

Imagine being on shift as the guard of a fortress. Your job is to identify threats as they approach ...

Read More

Cyber Exterminators: Monitoring the Shop Floor with OT Security

Pressure is increasing on manufacturers to monitor their shop floors for malicious activity to ...

Read More

Important Security Defenses to Help Your CISO Sleep at Night

This is Part 13 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

How to Create the Asset Inventory You Probably Don't Have

This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

Guardians of the Gateway: Identity and Access Management Best Practices

This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

Protecting Zion: InfoSec Encryption Concepts and Tips

This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

EDR – The Multi-Tool of Security Defenses

This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

The Invisible Battleground: Essentials of EASM

Know your enemy – inside and out. External Attack Surface Management tools are an effective way to ...

Read More

The Secret Cipher: Modern Data Loss Prevention Solutions

This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

CNAPP, CSPM, CIEM, CWPP – Oh My!

We all know the cybersecurity industry loves its acronyms, but just because this fact is widely ...

Read More

Zero Trust Essentials

This is Part 5 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

Evaluating Your Security Posture: Security Assessment Basics

This is Part 4 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...

Read More

Cybersecurity Documentation Essentials

This is Part 3 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts.

Read More

Cost Management Tips for Cyber Admins

As anyone who has filled out an expense report can tell you, cost management is everyone's ...

Read More

Cloud Architecture, Frameworks and Benchmarks

At any point in your cloud security journey, you should consider practical architectures, ...

Read More

Welcome to Adventures in Cybersecurity: The Defender Series

I’m happy to say I’m done chasing Microsoft certifications (AZ104/AZ500/SC100), and as a result, ...

Read More