Let's talk about security. I have always tried to look for answers to unknowns and love to ask why. I played with NirSoft tools, formatted systems and assembled computers. These curiosities brought me very close to computers and their unknowns. One day I experienced random shutdowns of my computer, followed by subsequent slowness, and I just wanted to understand more. I checked the task manager and started checking each of the running processes until I found a random filename with no description. I searched for the filename and it opened the door to computer security for me. I was amazed that I was not alone in seeing that file, and discovered online community forums run by people from diverse backgrounds helping others with their issues for free.
I still remember it was PurityScan spyware (a term used in the early 2000s), which tricks users into buying or installing it, monitors user browsing habits and sends the collected data back to its servers. It would further download content from those servers to display pop-up ads. An excellent use case of command-and-control, drive-by malware, bundleware, persistence and the early stages of the multi-purpose malicious software we are so used to seeing today.
I got hooked on helping people all over the world, enrolled myself in multiple security forums, learned and practiced in bootcamps, and eventually decided to start my own website hosting community forums and download mirrors for different tools, including AboutBuster (what today is Malwarebytes), HijackThis, utility tools and files for instant removal/remediation of malware. I was awarded Microsoft Most Valuable Professional in Security for my involvement and contributions across the Windows environment.
I was fortunate to be exposed to an abundance of learning opportunities and to practice security research at an early stage of my career, when there was no separate Threat Hunting, Detection Engineering, Threat Intelligence, Incident Response or Offensive Computing. As a Security Researcher you were expected to do, and did, all of those activities as part of your job. A daily work schedule would look like finding the top threats (known malware, unknowns or zero-footprint samples), finding patterns to write detections, and then correlating future variants or samples to understand threat profiles.
Over time I adapted to the evolution of the cybersecurity landscape and aligned myself more with blue/purple teaming. I will write about Incident Response, Threat Hunting, Detection Engineering, Threat Intelligence and Red Teaming, and how they should coexist, based on my experience.
I have been procrastinating about starting a blog, just a place to put down my thoughts, experience or ideas on anything relevant to security. Here is my first step forward in that direction.