About Modern Adversary

If you don't see attacks now, it's not because they aren't possible, it's just that nobody has decided to do one yet. We need to establish clear baselines, understand the anomalies, and have a plan.

Simplify security!

About the Blog

I created this blog in 2009 as a space to store my thoughts and explore ideas. Over time, it has evolved into a collection of insights and approaches to security that I believe are worth discussing and testing.

The blog also includes a section for random brain dumps, some related to security, others not. I use this area to explore a variety of topics. In the past, my team would share quotes from my presentations that they found amusing or insightful. These quotes are now featured on the Common Sense page.

About Me

I am a security professional with over 25 years of experience across all areas of security. My expertise lies in understanding how adversaries think and leveraging that knowledge to address the inherent asymmetry in security. Throughout my career, I have red-teamed and successfully breached some of the most fortified defenses, designed resilient security solutions based on insights gained from an attacker’s perspective, and now focus on building strong security programs and teams. You can learn more about my approach at Security Brutalism.

If you have any questions or you spot a bug, please contact me by sending an email to comms at this domain.

Supporting The Site

Please consider supporting the site by buying me a coffee or getting something on the store. Thank you!

Important Note

The opinions expressed in this blog are solely mine, and are not official statements or express the views of my current or past employer, team, customers, or any other entities with which I may be affiliated.