Welcome

Hello and welcome. Here you’ll find various thoughts, how-to articles, and resources around general computing, cybersecurity, and artificial intelligence and machine learning.

About me

I am trying to learn, but the more I learn, I realize I still don’t know, and the unknowns will always be more than what we know. We also tend to forget. So, I’m just trying to keep up, and share what I know. I’ve been trying for over 30 years in the areas of Computing and Cybersecurity.

Current research areas

• AI/ML and Cybersecurity (Finding the “bad” using “AI”/ML)
• Automation in Cybersecurity (Detection, Response, Forensics, Synthesis)
• Malware Analysis and Reverse Engineering

You can connect with me here:

• On Linked-In
• I’m also on Twitter @DRCRUFT

What I’ve been doing?

Trying to solve problems in general computing, cybersecurity, and automation. I have done many things around the usual stuff, like log and telemetry collection and ingestion, synthesis, threat modeling, threat surface analysis, red teaming, cyber threat intelligence, malware analysis & reverse engineering, incident response, risk analysis, vulnerability assessment, penetration testing, application and system level development, perimeter and internal security architecture design and implementation, research and analysis, and general complex problem solving for Fortune 500 clients across US and abroad. Things like:

• Cybersecurity using Data Science, Machine Learning, General Computing
• Cyber Threat Intelligence, Incident Response, Malware Reversing
• Red Teaming, Threat Surface Monitoring, Zero Day Research
• Penetration Testing, Vulnerability Assessment
• Security Software Development, Secure Software Development
• Developing security programs to defend business and technical critical assets against prevalent and projected electronic and human threats to achieve business goals and objectives.
• Network penetration testing involving black Box (blind) testing, fuzzing, and cyber defense systems evasion through sophisticated processes and techniques.
• Reliability testing, denial of Service testing, chaos-type engineering.
• Electronic & physical social engineering.
• Developing system kernel-level solutions and services.
• Developing system and user applications using a variety of programming languages and frameworks - such as x86 Assembly, C, C++, JAVA, Python, Go, Rust, Perl, etc.

And yet, still not an expert. :)

Notes

My thoughts, views, comments, and conclusions are my own - they are not representative of my employer, nor any entity or organization.