HackTheBox Writeup: Bashed

As a career blue teamer I feel it's important to understand the tools, techniques, and thought processes of an attacker. The best way to learn is by doing, and one of my favorite ways to practice is HackTheBox. The machine…

InfoSec is Bigger Than Pentesting

So far this year I've interviewed several candidates for a security analyst position. It's a pretty straightforward blue team role involving things like vulnerability assessment and remediation, identifying anomalies in user or system activity, and some internal audit functions. Unfortunately…

Deploying Security Controls with Ansible

I use several tools for various security or compliance controls on production Linux servers. Some of those aren't automatically installed/maintained through our package management utility, and with 100+ machines it is far too time-consuming to manually deal with each…