I enjoy giving and watching presentations, and I pay close attention to the attributes of the ones I think are really good talks.

My personal acronym for what makes a great technical talk is SPEED. If you want to improve your presentation game, this is for you.

🧵 Story

Not required for a good talk, but the *best* talks have them. Small ones to punctuate a point, larger ones to have an audience on the edge of their seat. Learn, then practice, the art of storytelling and it will immediately improve your presentation.

Welcome to my 2023 Irreverant Red Team TTP Wrap Up (Trends, Trolls, Predictions)

It's likely some of these will ruffle feathers, but hackers break things right? 😁

🧵👇 1. SIEMs are being replaced by XDRs, which are winning in that market space. Top best defensive product additions are identity based: CSI & MDI (or whatever MS is calling it these days).

One infosec professional's perspective on OST.

Beware, this thread contains nuance... 1 Having watched the OST debate from the sidelines, I have enjoyed the thinking challenge that the debate represents, which is fundamentally searching not for the "best" thing to do, but for the "most right" thing to do - an ethical search at its core.

Just finished giving my first virtual training class.

Here are a few lessons learned for other instructors who are getting ready to do the same... My class was a technical one. Very focused on labs that had students using a lab manual (PDF) to perform the various steps (SSH, Linuxy things). The general flow of the class was lecture, lab, lecture, lab over a 2 day period.