Publications

Purple Teaming: RunAs - A

double-edged sword

with Eric Guillen

RunAs is a command that's been around since Windows 2000. It allows users and applications to run under a different user. Windows users have been using this for years to install software and run programs. But did you know that RunAs could be used maliciously? That attackers can use this to enumerate and attack your network? Join us as we dive into analyzing the RunAs command and how bad guys can use it to attack your network. We will discuss our research on how a simple command can be easy to use but difficult to eliminate.

Presentation

Tribe of Hackers Blue team

Tribal Knowledge from the Best in Defensive Cybersecurity, by Marcus J. Carey and Jennifer Jin

This new guide is packed with insights on blue team issues from the biggest names in cybersecurity. Inside, dozens of the world’s leading Blue Team security specialists show you how to harden systems against real and simulated breaches and attacks.

Featured Contributor - Chapter 41

“Make no mistake, everyone’s job ultimately boils down to defending our enterprise; we just take different approaches to defense.”

Book

Security+: A Practitioner’s

Study Guide

with David Evenden

The Security Plus Practitioner's Study Guide is a condensed study tool designed to aid information security professionals as they navigate through the pathways of professional information security certifications. "The CompTIA Security+ test is an international, vendor-neutral certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career." This study guide provides technical information, knowledge, and experience from information security practitioners that will help aspiring cyber security professionals level up as they move towards their goals.