-
Why AI is Just Another Tool in Our Blue Team Toolbox
You can’t scroll through LinkedIn, attend a security conference, or open a vendor whitepaper these days without hearing that AI is about to replace the SOC. Some companies claim AI can triage alerts, write detections, respond to incidents, and make coffee while you’re still getting through your inbox. Let me be blunt: That’s not happening.…
-
How I Got ChatGPT to Write Ransomware (and Why That Actually Matters)
Introduction: The AI Cybersecurity Paradox If you’ve ever tried to ask ChatGPT to help you build ransomware, chances are you got shut down fast. Like, brick-wall fast. That’s because AI models like ChatGPT are built with strong ethical guardrails that are designed to prevent the creation of malware, exploits, and anything remotely shady. And that’s…
-
The Trojan Sysadmin: How I Got an AI to Build a Wolf in Sheep’s Clothing
There’s been endless debate about whether AI can churn out malicious code—or if it’s too principled to cross that line. So, I took Grok 3 for a spin to find out. My goal? Trick it into writing what’s basically ransomware. Spoiler: it was a cakewalk. Objective The experiment explored whether an AI language model (Grok…
-
The Art and Science of Threat Detection: SIEM and Detection Engineering Essentials
I’ve decided to tie this post and one other on Building an Effective Security Operations Program together instead of posting them weeks apart. I wanted to focus on the high level aspect of building out a proper security operations focused on Detection and Response, but I also felt like we needed to really dig into…
-
Building an Effective Security Operations Program: Focusing on Detection and Response
Hey everyone! We’re going to be focusing on building out the core competent of your SOC! This post is going to be pretty high level, not too in the weeds as I want to cover the hot items that go into the average SOC these days. There is a more technical blog along side this…
-
From Detection to Prevention: Crafting a Proactive Threat Detection Strategy
Recently, I’ve been thinking more and more about our Threat Detection processes and what we’ve been doing to increase our detection capabilities. Because of that, I thought I would try and articulate at a high level a relatively normal Threat Detection Strategy that focuses on Detection & Prevention. I’ll be doing a series of posts…