There it is. The truth. This blog is half-assed. And for good reason. I have been working since I first came up with the idea, for some reason. Initially, I thought I’d post updates about my progress in infosec through complicated write-ups to prospective employers when I started as a SOC analyst, but I have really just been trying to get better instead of saying it. Honestly, with AI and the flood of people smarter than me in this field, I have just been trying to keep up and keep my head down without it being figured out that I am a big phony and need to choose another career path.
As sarcastic as that may read, it’s the truth. Information security is a brutal field, and there will always be smarter, more accomplished, higher-dimensional thinkers than you. If someone who reads this is comfortable with that, you may be a good fit for this kind of work. That’s not to say that you shouldn’t try to get smarter every day, because you should, but you need to be humble in the face of certain realities. I have worked in infosec for about five years straight now, and I feel less capable than I ever have, despite getting certifications and hands-on experience in critical incidents, exploiting vulnerabilities (safely), finding intrusions, and lastly learning to program and reverse-engineer (poorly). I have dabbled in PowerShell, C, C++, Python, SQL, Javascript and I still suck at all of them. Maybe it’s because I work 80 hours a week performing triage, IR, and postmortem forensics. Maybe it’s because I am just not that good at it. Time will tell.
With the rise of AI, I can safely say everyone is concerned, including ordinary people like me. The only way to survive is to keep fighting and to always hunger for more understanding. To remain curious. It’s easier said than done. And balancing personal life with it. Yeah. Good luck. You’d better hope you are as fortunate to have a loving, caring family who supports their little nerd as much as mine does. It’s crazy to think that a little over five years ago, I had dabbled with Accurint and DomainTools and had more experience shooting assault rifles, speaking Russian, and jumping out of planes than I did with any of the things I do now. Now this is what I eat and breathe, and I enjoy it. I’m hoping to add some more balance back soon 🙂
Some neat things I have done now: Respond to ransomware(s) and hands-on keyboard activity, deal with countless BECs, countless intrusions and malware infections, stacked GIAC certs (GREM, GCFA, GSEC, GCIH, GSTRT, SSAP – and in that order), identified APT campaigns against vulnerable devices and kicked them out, work with great people. I also have the best family ever, in case I didn’t mention that.
The truth is, I will post to this blog when I feel like it. Maybe when I find good resources to share, write up about a tool I made, even if it sucks, showcase an analysis I performed on malware, or even share information about a vulnerability that I discovered. Until then, best of luck and thanks for reading this non-AI-generated slopfest.