Why the EDR Telemetry Project is Misleading
The EDR Telemetry Project is misleading. Its scoring only records whether telemetry is collected, not whether that telemetry is actually usable. This post breaks down why the project is flawed in its current state and how some minor tweaks could make it truly valuable.
Software Development Nuggets for Security Analysts Part 2: The Browser
The response to the first article was really positive, and it highlighted something I've seen a lot: many
How I Leveled Up from Help Desk to Cloud Security Researcher
Breaking into cybersecurity feels impossible right now. This isn't a magic formula, but my personal story of navigating the field. Learn from my experiences with degrees, certs, and networking to find your own way in a tough job market.
What Framing Security Alerts as a Binary True or False Positive is Costing You
Ask anyone who’s worked in a SOC long enough and they’ll tell you: debates over “true positive” versus “false positive” happen a lot. Usually, the conversation goes in circles—one person insists an alert was a false positive, another argues it was technically a true positive,
Announcing CelesTLSH CLI: A Lightweight Tool for TLSH Hash Analysis
I'm excited to announce the release of CelesTLSH CLI, a lightweight command-line tool for calculating, comparing, and analyzing TLSH hashes. This tool is designed to help security professionals quickly identify potentially malicious files by comparing them against a database of known attack tools.
Vintage Detection: Applying RADAR Research from 1953 to Detect Modern Cyber Threats
A 1953 mathematical framework shows how military RADAR research applies directly to cybersecurity. By turning threat detection from gut feeling into probabilistic reasoning, signal detection theory offers a principled way to distinguish genuine threats from routine noise.
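Signal detection theory reduces any detector to two rates at a chosen criterion: how often it fires on a real signal (hit rate) and how often it fires on noise (false-alarm rate). The sensitivity index d' measures how separable signal and noise are regardless of where the criterion sits, and the criterion itself should be set by the relative cost of a miss versus a false alarm. The example below is added here for this page and is not code from the post: the alert scores and ground-truth labels are constructed, and the cost ratios passed to `best_threshold` are assumptions to illustrate how the optimal cut-off moves.

```python
"""Signal detection theory applied to alert scores (added example, not from the post)."""
from statistics import NormalDist

# Constructed sample: (detector score, is_real_attack). Labels imitate what a
# post-incident review would establish; they are made up for this example.
ALERTS = [
    (0.95, True), (0.88, True), (0.81, True), (0.74, True), (0.66, True),
    (0.52, True), (0.45, True), (0.30, True),
    (0.91, False), (0.70, False), (0.61, False), (0.49, False), (0.40, False),
    (0.33, False), (0.27, False), (0.21, False), (0.15, False), (0.10, False),
    (0.08, False), (0.05, False),
]


def confusion(alerts, threshold):
    """Count hits, misses, false alarms and correct rejections when an alert
    fires for every score >= threshold."""
    hits = misses = false_alarms = correct_rejections = 0
    for score, is_attack in alerts:
        fired = score >= threshold
        if is_attack and fired:
            hits += 1
        elif is_attack:
            misses += 1
        elif fired:
            false_alarms += 1
        else:
            correct_rejections += 1
    return hits, misses, false_alarms, correct_rejections


def rates(alerts, threshold):
    """Return (hit_rate, false_alarm_rate) at the given threshold."""
    hits, misses, fa, cr = confusion(alerts, threshold)
    return hits / (hits + misses), fa / (fa + cr)


def d_prime(alerts, threshold):
    """Sensitivity index d' = z(hit rate) - z(false-alarm rate).

    z() is undefined at exactly 0 or 1, so extreme rates are pulled in by
    half a count (1/(2N)), the usual correction for small samples."""
    hits, misses, fa, cr = confusion(alerts, threshold)
    n_signal, n_noise = hits + misses, fa + cr

    def clamp(k, n):
        return min(max(k / n, 0.5 / n), 1 - 0.5 / n)

    z = NormalDist().inv_cdf
    return z(clamp(hits, n_signal)) - z(clamp(fa, n_noise))


def roc_curve(alerts):
    """(false_alarm_rate, hit_rate) points, sweeping the threshold from
    above the highest score (nothing fires) down to the lowest (all fire)."""
    points = [(0.0, 0.0)]
    for t in sorted({s for s, _ in alerts}, reverse=True):
        hit_rate, fa_rate = rates(alerts, t)
        points.append((fa_rate, hit_rate))
    return points


def auc(alerts):
    """Area under the ROC curve by the trapezoid rule. 0.5 is a coin flip;
    1.0 means every attack outscores every benign event."""
    pts = roc_curve(alerts)
    return sum((x1 - x0) * (y0 + y1) / 2 for (x0, y0), (x1, y1) in zip(pts, pts[1:]))


def best_threshold(alerts, cost_miss, cost_false_alarm):
    """Pick the score threshold minimising total cost = cost_miss * misses +
    cost_false_alarm * false alarms. Returns (threshold, cost). The cost
    weights are the analyst's assumption, not a property of the detector."""
    best = None
    for t in sorted({s for s, _ in alerts}):
        _, misses, fa, _ = confusion(alerts, t)
        cost = cost_miss * misses + cost_false_alarm * fa
        if best is None or cost < best[1]:
            best = (t, cost)
    return best


if __name__ == "__main__":
    hit_rate, fa_rate = rates(ALERTS, 0.5)
    print(f"threshold 0.5: hit rate {hit_rate:.2f}, false-alarm rate {fa_rate:.2f}, "
          f"d' {d_prime(ALERTS, 0.5):.2f}")
    print(f"AUC: {auc(ALERTS):.4f}")
    # Assumed cost ratios: a missed intrusion 10x a false alarm, and the reverse.
    print("miss costs 10x:", best_threshold(ALERTS, cost_miss=10, cost_false_alarm=1))
    print("false alarm costs 10x:", best_threshold(ALERTS, cost_miss=1, cost_false_alarm=10))
```

The point the RADAR framework makes for a SOC: d' and the AUC describe the detector, while the threshold is a business decision. With the same constructed alerts, weighting misses heavily drives the optimal cut-off down to 0.30 (accepting six false alarms to catch everything), while weighting false alarms heavily drives it up to 0.95. Neither setting is "wrong"; arguing about individual true and false positives without stating those costs is what goes in circles.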
Tips for Reclaiming Your Digital Privacy in 2025
Maintaining online privacy in today’s world is nearly impossible without completely disconnecting—and even then, friends and family may