I created this blog to share thoughts and ideas around offensive security techniques and tooling. I strive to be the “Adaptable Adversary”, an attacker that will continually improve techniques and tools to match changes in the industry or controls identified in a target organization. All things infosec interest me, but my passion covers command-and-control, endpoint security control bypasses, and evading network based defenses.
Outside of offensive security, I have observed a lot of inefficiencies from big consulting companies within their audit processes. Consultants use bloated Excel documents and struggle to provide true value to their clients. Results such as year-over-year comparisons and how the organization stacks up among its peers is futile at best. Audits themselves don’t make a company secure but do help provide a roadmap for small companies and validation for mature organizations.
With a few partners I’m trying to solve this problem with a SaaS platform, data analytics, and a better UI than Excel. If this interests you, check out https://getcompliancecloud!