Welcome

Welcome to my blog. Here you’ll find various thoughts, how-to articles, and resources around cyber security, machine learning, and general computing.

About me

I have over 30 years of experience in Compute/Cyber providing design, development, implementation, analysis, support, and consulting.

What I’ve been doing?

Providing threat surface analysis, cyber threat intelligence, malware analysis & reverse engineering, incident response, risk analysis, vulnerability assessment, penetration testing, application and system level development, perimeter and internal security architecture design and implementation, research/analysis, and complex problem solving for Fortune 500 clients across US. And yet, still not an expert. :)

• Developing security programs to defend business and technical critical assets against prevalent and projected electronic and human threats to achieve business goals and objectives.
• Network penetration testing involving black Box (blind) testing, fuzzing, and cyber defense systems evasion through sophisticated processes and techniques.
• Denial of Service testing
• Electronic & physical social engineering.
• Developed system kernel-level solutions and services
• Developed system and user applications using a variety of programming languages and frameworks - such as x86 Assembly, C, C++, JAVA, Python, Go, Rust, Perl, etc.

Areas I’ve worked in

• Cybersecurity using Data Science / Machine Learning / General Computing
• Cyber Threat Intelligence / Incident Response / Malware Reversing
• Threat Surface Monitoring / Red Teaming / Zero Day Research
• Penetration Testing / Vulnerability Assessment
• Security Software Development / Secure Software Development

Current research areas

• Cyber Data Science & Machine Learning (Finding the “bad” using “AI”/ML)
• Automation in APT Defense, Incident Response, and Digital Forensics
• Malware Analysis and Reverse Engineering with focus on APT and Rootkits

You can connect with me here:

• On Linked-In
• I’m also on Twitter @DRCRUFT

Important Notes

My thoughts, views, comments, and conclusions are my own - they are not representative of my employer, nor any entity or organization.