I’ve made my career so far on offensive Information Security. My blog here will be heavily slanted towards enterprise Information Security, though I have a number of interests.

I hold the OSCP and GXPN certs.

Why do this?

Why I continue to choose Information Security is something I’ve been asked several times over the years.

I’ve watched the *click* that happens in the eyes of developers when they understand why something is dangerous. I’ve been a part of security programs and have driven maturity to give those businesses the skills needed to keep customer data safe. There’s the customers. I know what it’s like to have credit card information stolen. It’s degrading and disheartening. It makes you feel violated. I want, as much as I can, to help keep people safer.

So I blog to express my thoughts and ideas, to share what I’ve learned. And to have some fun.