Building Ulysses-MCP - From Frustration to a Smarter Writing Workflow
Welcome to PEBCAK Consulting LLC
Welcome to the PEBCAK Consulting LLC blog!
Building AWS Detective: Lessons from the Field
As co-author of AWS Detective, I’ve had the unique opportunity to bridge the gap between traditional threat hunting and cloud-native security investigation. Here are some key insights from that journey...
Threat Hunting: From Endpoint to Cloud
Over the past decade, I’ve had the privilege of working across the threat hunting landscape - from endpoint security at Carbon Black to cloud security at AWS. Here’s what I’ve...
Beyond the Perimeter Podcast - Turning a Hobby Into a Career
Featured interview discussing my journey from cybersecurity hobbyist to industry professional, sharing insights on career development in the security field.
5 Objectives for Establishing an API-First Security Strategy
Essential objectives for organizations looking to implement an API-first approach to security. A strategic framework for modern security architectures.
Top 3 Takeaways From DerbyCon
Key insights and lessons learned from DerbyCon, one of the premier hacker conferences.
Threat Hunter Profile - Ryan Nolette
Featured threat hunter profile discussing my background, methodologies, and insights into the threat hunting profession.
Endpoint and Network Hunting: A Q&A with Ryan Nolette
In-depth Q&A session covering endpoint and network threat hunting methodologies, tools, and best practices.
Situational-Awareness Driven Threat Hunting
Building effective threat hunting programs through enhanced situational awareness and environmental understanding.
Threat Hunting with Bro
Leveraging the Bro network security monitor (now Zeek) for effective threat hunting and network analysis.
Threat Hunting with Carbon Black
A comprehensive guide to leveraging Carbon Black’s endpoint detection and response capabilities for effective threat hunting operations.
Finding Evil When Hunting for Lateral Movement - Part 3
The final part of the lateral movement series, providing practical techniques for detecting and hunting lateral movement in enterprise environments.
How Attackers Lay the Groundwork for Lateral Movement - Part 2
Part two of the lateral movement series, focusing on the preparatory steps attackers take before moving laterally through a network.
Understanding Lateral Movement - Part 1
The first part of a comprehensive series on lateral movement techniques. Essential reading for threat hunters and security analysts looking to understand how attackers move through networks.
Leveraging the OODA Loop for Better Endpoint Security
Applying military decision-making frameworks to cybersecurity operations for faster, more effective incident response.
How I Quit Freaking Out Over Strange Network Traffic
Practical approaches to network traffic analysis and reducing false positives in security monitoring.
Huntpedia - A Threat Hunter's Guide
The comprehensive threat hunting guide I co-authored, providing methodologies, techniques, and best practices for security professionals engaged in proactive threat detection.
What I'm Thankful for as a Security Practitioner
A reflective piece on the security community, collaboration, and the aspects of cybersecurity work that inspire gratitude.
How to Investigate a Bitcoin Mining Malware Infection
Step-by-step guide for investigating and analyzing Bitcoin mining malware infections in enterprise environments.
Defuse Booby-Trapped Malware by Catching it, Stopping it and Killing it with Fire
Advanced techniques for safely analyzing and neutralizing sophisticated malware that employs anti-analysis and evasion methods.
Carbon Black's Ryan Nolette Discusses Ransomware on Forensic Lunch
Featured interview on David Cowen’s Forensic Lunch discussing ransomware analysis and detection techniques.
Say No to Ransomware
Practical strategies and defensive measures organizations can implement to protect against ransomware attacks.
Point-of-Sale Still Not Getting the Point of Security
Ongoing challenges in point-of-sale security and why retail environments continue to struggle with basic security measures.
After Taking a Bite Out of SSL 3
Deep dive analysis of SSL 3.0 vulnerabilities and security implications for modern web applications.
Point-of-Sale Malware Just Won't 'Backoff'
Analysis of persistent point-of-sale malware threats targeting retail environments and payment systems.
Investigating Bitcoin Malware Infections Using Carbon Black
Detailed methodology for using Carbon Black’s endpoint detection capabilities to investigate Bitcoin mining malware.
Hitting the 'CryptoWall'
An in-depth analysis of CryptoWall ransomware, one of the most destructive malware families. Understanding its behavior patterns and detection strategies.
An April Fool's Treasurehunt
A creative approach to security awareness through an April Fool’s themed security challenge.
Bitcoin-Mining Malware 101
A comprehensive guide to understanding and detecting Bitcoin mining malware infections. Learn the techniques attackers use and how to identify these resource-draining threats.
New 'Crypto' Ransomware Lurks in the Shadows
Analysis of emerging cryptocurrency-based ransomware variants and their stealth techniques.
ACSC - 5 Things To Do After A Breach
Essential post-breach response steps based on ACSC (Australian Cyber Security Centre) guidelines for organizations dealing with security incidents.
5 Things an Enterprise Must Do if There's A Security Breach
Essential guidance for enterprise organizations facing a security breach. This article outlines the critical first steps that can make the difference between containment and catastrophe.
In 2016 Resolve to Slim Down POS Malware
New Year’s resolution for retailers: implementing effective strategies to reduce point-of-sale malware risks.
Zero-Day Mitigation: How Bit9 Blocks the Latest Microsoft Word Vulnerability
Case study demonstrating how application whitelisting technology can prevent zero-day exploits, using a Microsoft Word vulnerability as an example.
WireLurker - How to Flag It, Tag It and Bag It
Analysis of the WireLurker malware targeting Mac and iOS devices, including detection and mitigation strategies.