Posts

Reviews and notes on useful software tools.

I play in two weekly D&D groups and write session reports as narrative prose from the characters’ perspectives. The reports expand on what happened at the table, adding dialog and internal monologue in each character’s voice. This workflow has evolved through several iterations, each one solving a problem the previous version left on the table.

How it started

The first version was simple: play the session, take notes, write the report from memory afterward. This worked when I had time, but a four-hour session generates a lot of material, and between work and life, writing sometimes slipped by a week. By then the details had faded. The bullet-point notes I’d scribbled during play were thin on dialog and light on the small moments that make session reports worth reading.

Tin Soldier

A dark reimagining of a timeless classic , where love defies the boundaries between metal and mortality.

A one-legged tin soldier glimpses a beautiful one-legged lady in a distant castle and embarks on an impossible journey to reach her. But what begins as a romantic quest becomes a harrowing test of will, sacrifice, and the true meaning of love.

Across treacherous forests, past fearsome creatures, and through encounters with dark magic, the soldier transforms himself—literally and spiritually—in pursuit of his impossible dream. Yet as he discovers the princess he seeks and faces the sorcerer who holds her captive, he must choose between the perfection he’s always desired and the imperfection that makes him who he is.

This eight-week CyberLeadership program from the CyberLeadership Institute guides experienced security professionals to operate at executive level, ending with a practical board‑facing capstone project that simulates the presentation of a 2-year plan by an incoming CISO to the board. Each week focuses on a distinct leadership domain, and includes practical action items and templates to be incorporated into the capstone. The course offers 40 CPE towards renewing my CISSP .

Week 1 — The role of a CISO

Week 1 orients participants to the program and the cyber resilience mindset, and introduces the CISO role through lived experience and practical lessons. Participants explore the many variants of the CISO position, clarify their ideal role, and begin building a personal brand and interview readiness. The week covers essential first‑100‑day priorities, ways to engage the C‑suite, and personal resilience practices.

I recently took and passed the GCFA certification exam for forensic analysis. It was an interesting and educational experience, touching on logfile analysis, memory forensics, deep filesystem analysis, and timeline generation. Most of the content focused on Windows (event logs, NTFS filesystem formats, etc); I’m looking forward to finding a matching course with a Linux focus.

I recently took and passed the ISC2 CISSP . The certification covered a broad range of topics, most of which I was already familiar with from experience as a software engineer. Those areas I was less familiar with included legal and procedural requirements around risk assessment, physical security, and the theory behind encryption and permissions management.

What I’ve been working on for a while now: Cisco Remote Scripts

With the introduction of Remote Scripts powered by Orbital, a search and response feature of Cisco Secure Endpoint in either the Advantage or the Premier tier, incident responders can respond to sophisticated threats with minimal business disruption, and administrators can provide an overall safer and better user experience. Remote scripts harness the power of Orbital Advanced Search capabilities, which provides hundreds of prepared queries curated by Cisco’s Talos threat intelligence group, allowing you to quickly run complex queries on any endpoint.

In the early days of the internet, and even before that, there was a distinct difference in the terminology used for the people who obtained unauthorized access to computer systems. The term hacker meant someone who created an interesting hack, usually something interesting that used a system – not necessarily even a computer system – to do something outside its design intent. A Rube Goldberg machine is a good example of a hack. So is playing music with printers . Conversely, cracker was applied to people who broke into computer systems for nefarious purposes. There was often some overlap between the two, as people making interesting hacks often didn’t have authorized access to the systems they were using.

I recently took and passed the GCIH Certification . It’s primarily focused on understanding how attackers behave, the tools they use, and why those tools do the things they do.