The Beginning of the End: My New InfoSec Blog

Today I start what is likely to be the beginning of the end for me.

My knowledge of Information Security, in its basic form, goes back to 2009. That’s when, as a Defense Contractor, I found myself staring at the  Security Technical Implementation Guide (STIG) set forth by the Defense Information Systems Agency (DISA). The objective was to review the guidelines and ensure the products I was responsible for architecting and managing were following the strictest of rules set forth by government. As you might imagine, deer in a heads light look does not adequately explain what was going through my mind. The learning curve was steep and until 2011, I would argue that my understanding was still negligible.

Fast forward to 2011 and today I find myself an Executive at a tech-startup specializing in one very small, but growing, InfoSec domain — web-based malware. It is easily argued that my understanding of InfoSec was marginal at best until some time towards the end of 2011. That’s where and when things began to click for me.

I’m not quite sure when, but all of a sudden I found myself with a lot to say and share on the subject. That’s where this blog comes into play.

In an effort to segment where and what I post and on what mediums, I have put together this blog to share those things that I learn as I continue my journey into the InfoSec domain.

As always, I welcome the opportunity to share my thoughts and thank those that decide to stop by. Big thanks to Daniel Cid, Founder of OSSEC and CTO at Sucuri Security for encouraging me to do this and helping me get it set up.