Blog
Insights
Patterns from 25 years of security leadership, offensive operations, and building things that work.
AI & Automation
Footprints in the Snow: IOC Table
Indicators of compromise from a snowshoe phishing campaign: sending infrastructure, email kit signatures, TDS domains, and scam kit artifacts.
AI & Automation
Footprints in the Snow
248 AI-generated phishing emails hit my inbox in five days. SpamAssassin caught 5%. We mapped the operation from a leaked LLM prompt to three continents.
AI & Automation
The Fault, Dear Brutus
Everyone's debating what AI means for the future. The more interesting story is what it means for a person with a problem to solve right now.
Perspectives
Lessons from the Field (CISO)
The Field CISO role is still being defined. After nine months in the seat at Praetorian, here's what the role actually is, what the industry gets wrong, and where it should go.
Perspectives
The First 90 Days as a CISO: The Framework
The practical framework for a CISO's first 90 days: pre-engagement scoping, business-driven assessment, building the narrative, and standing up a program that lasts.
Perspectives
The First 90 Days as a CISO: Philosophy Before Frameworks
Most CISO playbooks start with mechanics. The engagements that produce lasting results start with a different question: where is this business going, and what risks does that trajectory create?
AI & Automation
The Systems Thinker's Edge: Why AI Needs Architecture, Not Code
Building production AI systems without writing code. A Field CISO's take on why architecture beats syntax.