I spent five years exposing vulnerabilities as a journalist before moving in-house to lead editorial strategy for Cortex and Unit 42. I translate complex telemetry and product architecture into accessible narratives that help practitioners execute and CISOs make decisions.
From breaking news at DEF CON to running editorial for one of the largest portfolios in cybersecurity. Same job, different chair.
Directing editorial standards and strategy across threat intelligence and security operations portfolios. Co-authoring premium research and whitepapers while making dry topics like email security, automation, and attack surface management actually worth reading.
Embedded with the Managed Threat Response squad. Translated raw forensic telemetry and day-to-day incident chatter into high-pickup MTR casebooks and investigative analyses.
Exposing vulnerabilities, reporting election security from DEF CON's Voting Village, covering keynotes from Black Hat to RSA, interviewing security leaders, and producing the longform feature on CISO burnout that gets passed around every time the topic comes up.
A detective story, a casebook, a longform on burnout, a podcast, an industry report, and yes, a poem about SOAR. Pick the one that doesn't sound like cybersecurity.
A Sherlock Holmes–style narrative tracking an email security incident, illustrating how AI identifies and mitigates deceptive mail payloads. Proof that you can teach a product story without putting people to sleep.
Acclaimed longform on the mental health, liability, and rapid turnover that comes with running corporate security in 2020. Still cited.
Hard-boiled detective framing applied to the forensics behind a backdoor implant in a SolarWinds Orion server. Highest pickup of the casebook series.
Recorded live at DEF CON with Mileva Security Labs' Harriet Farlow on why nobody knows their AI models are hackable, and why policy is asking the wrong questions.
Co-authored flagship study translating Unit 42's incident caseload into actionable intelligence on credential reuse and rapid boundary scanning.
A narrative limerick — written for National Limerick Day — that explains Security Orchestration, Automation, and Response workflows. Yes really.
As Managing Editor at Palo Alto Networks since 2022, I hold narrative control and editorial quality across all marketing, research, and campaign deliverables.
Oversight spans technical blogs, co-authored research reports, whitepapers, campaign assets, and the major keynote deliverables for RSA, Black Hat, and Symphony.
Also: Executive Producer of Threat Vector, Palo Alto Networks' flagship security podcast, on every episode, two of them as host.
AI-powered security operations platform transforming legacy SIEM infrastructures.
Network, endpoint, and cloud detection & response ecosystem.
Orchestration, automation & response models that streamline incident cycles.
Attack surface discovery and management, mapping active exposures globally.
Managed threat hunting, incident response, and global threat intelligence.
Centralized cloud security analytics, asset tracking, and vulnerability compliance.
Open to consulting, freelance commissions, podcast appearances, and the rare full-time conversation. Quick replies guaranteed if the email isn't a press release.