Ciberesponce is Andrew Harris' personal blog on all things technology, with a focus on attacks. Being a firm beliver in training and educating people on real-live attacks so they can truly appreciate the actual risks, majority of the content is aimed at being hands on.
Historically, I've received heat for even talking about these issues. Microsoft Legal, while at Microsoft, was originally not comfortable with a lot of this content. After a year+ long conversation, they eventually gave in and agreed that informing customers of these attacks, even when on Microsoft's own infrastructure and products, was the better thing to do.
Since leaving Microsoft, I still get responses on "how dare you post things like this" or "what are you trying to do, tip the adversary?". Everything I post is after the fact. Nothing discussed is active. If an adversary can figure it out, and we know they share intel with others, it's only a matter of time before any of this becomes more public. So the goal here is to arm you as fast as the adversaries who share their tactics, techniques and procedures with others.
About the Author
Andrew was the Chief of Strategic Programs for the Department of Defense within the Defense Information Systems Agency (DISA). He then joined Microsoft, helping develop and lead their technical delivery for responding from and confidently evicting adversaries from their environment. Later at Microsoft he became the CTO for the Azure Security portfolio before deciding to join CrowdStrike as their WW Public Sector CTO.
Access all areas
By signing up, you'll get access to the full archive of everything that's been published before and everything that's still to come. Your very own private library.
Fresh content, delivered
Stay up to date with new content sent straight to your inbox! No more worrying about whether you missed something because of a pesky algorithm or news feed.
Meet people like you
Join a community of other subscribers who share the same interests.