Cybersecurity, AI & data science leader — 20+ years building production cyber-analytics platforms across enterprise, defense, and federal.

I build production-grade cyber data and analytics platforms — applying AI/ML, data science, and cloud engineering to defend networks and turn high-volume telemetry into decisions. Ph.D. in Computer Science, 20+ years across enterprise, defense, and federal environments.

Projects Experience Ethos Tutorials

Focus Areas

AI for Cyber

Offline/air-gapped LLM fine-tuning, MCP & agentic AI workflows, and ML-based anomaly detection on live network telemetry.

Network Defense & Forensics

Real-time situational awareness, threat detection at scale, and cyber-topology visualization for analysts and operators.

Data Science & Pipelines

Large-scale analytics pipelines, cloud data engineering on AWS/GCP, and ML modeling over messy, high-volume data.

Recent Posts

Anatomy of a Backdoor: The XZ Utils Supply-Chain Attack (CVE-2024-3094)

31 min read · June 13, 2026

On Friday, March 29, 2024, a Microsoft engineer named Andres Freund sent an email to the oss-security mailing list that quietly averted what might have been the most consequential supply-chain compromise in the history of open source. He had been chasing a performance oddity — SSH logins on a Debian test system were running about half a second slower than they should have, and liblzma was burning suspicious amounts of CPU. What he found at the bottom of that rabbit hole was a deliberately planted backdoor in XZ Utils, a compression library that ships in virtually every Linux distribution on Earth.

Read more →

Walkthrough: VulnHub 42Challenge — LFI to Root

8 min read · June 11, 2026

A condensed walkthrough of the 42Challenge boot-to-root box from VulnHub. The fun of this one isn’t a single CVE — it’s chaining a chain of small weaknesses: a client-side filter, a local file include, log poisoning, a backup file, and a little reverse engineering. The methodology generalizes well beyond this box.

Read more →

iSCSI Applications & Security

6 min read · February 8, 2025

iSCSI (Internet Small Computer Systems Interface) is a powerful protocol that allows you to extend storage capabilities over a network. Whether you’re managing a home office setup or a full-fledged data center, iSCSI can help you integrate Network Attached Storage (NAS) devices with hypervisors like VMware ESXi. However, like any network device, iSCSI presents a number of security vulnerabilities and attack surfaces that must be considered. This guide will explore the iSCSI protocol, its applications, and various security considerations to ensure your data remains protected.

Read more →

The Importance of Secure Boot

7 min read · December 24, 2024

Secure Boot is a rather cryptic and opaque security setting on your computer. In most circumstances, it’s something you or your computer’s vendor will configure in your machine’s BIOS, and then forget about. Occasionally, you might be tempted to disable this setting to facilitate custom boot scenarios, install certain hardware, or perform boutique configurations to your machine. However, Secure Boot is an essential protection mechanism to help keep your computer safe from the most dangerous and sophisticated cyber security threats.

Read more →
Commodore 64 home computer
Sooner or later, someone has to row. — Steve Henderson