Builder of security products and programs. Teacher of those who run them.
https://zeltser.com
Lenny Zeltser
The career-shaping work happens in the years before the job search. Reputation, relationships, and visible work are what land the right role. The resume's job ends at initial screening. https://zeltser.com/stop-relying-on-your-resume
The REMnux MCP server can now draft malware analysis reports using my new report template:
https://zeltser.com/ai-malware-analysis-remnux
Having interviewed many candidates, I can tell within minutes whether someone prepared for the discussion. A few hours of focused prep often makes the difference between getting the offer and getting a polite no. https://zeltser.com/interviewing-tips-for-it-job-candidates
Self-hosted Algo on DigitalOcean lets us treat the VPN exit IP as disposable. After investigating malicious infrastructure, destroy the droplet, redeploy in minutes, and the next project starts from a clean IP. https://zeltser.com/deploy-algo-vpn-digital-ocean
The people who handle breaches all day may be the worst at protecting themselves. Feeling invulnerable is what lets us function around constant threat, the way it lets doctors work around disease. Warnings about our own risk rarely stick.
https://zeltser.com/illusion-of-invulnerability
I updated my cheat sheet for creating cybersecurity assessment reports. It's a one-page doc, which you can customize:
https://zeltser.com/security-assessment-report-cheat-sheet
An attacker on a developer's machine often pivots to reconnaissance. AI agent MCP configs are plain-text files at known paths, offering an index of high-value services. A decoy entry pointing to a honeypot MCP server alerts you to an intrusion. https://zeltser.com/decoy-mcp-server-honeypot
One word changed a hospital hand-washing sign from 'protects you' to 'protects patients,' and compliance climbed. We discount our own risk but not other people's. The same holds for security messaging aimed at others, not ourselves.
https://zeltser.com/illusion-of-invulnerability
A decoy fires only when someone accesses a resource no legitimate user would touch. Plant tripwires across network, identity, data, and AI agent configs to create asymmetry in your security architecture. https://zeltser.com/protean-information-security-architecture
One should print out those rules, laminate them and give them to everyone in cyber.
To analyze malware effectively, AI agents need practitioners' expertise and access to the analysis tools. The REMnux MCP server provides both, connecting AI to 200+ tools on REMnux with guidance on which to run and how to interpret their output.
Healthcare workers wash hands more often when signs emphasize protecting patients rather than themselves, because people overestimate their own invulnerability but not others'. Security messaging may be more effective when highlighting risks to customers or colleagues rather than to the individuals
Decoys add strategic asymmetry to your security architecture, strengthening your advantage against the attacker. Plant tripwires across network, identity, data, and AI agent configs for high-fidelity alerts.
A resume gets you past initial screening. Reputation, relationships, and visible work built in the years before the search are what land the right role.
Tunneling connections through a VPN in a public cloud helps conceal your origin and safeguard traffic when performing security research or connecting over untrusted networks. Algo VPN is an open-source bundle designed for self-hosted VPN services that's easy to deploy on DigitalOcean and relies only
In a strong cybersecurity assessment report, you rate each finding by its risk to the organization rather than its raw tool score. You give readers the context and remediation steps they need to act on it. This cheat sheet covers how to analyze the data, document scope and methodology, write up find
Your AI agent's MCP config can be a target for an attacker who reaches your machine. A decoy MCP server entry pointing at a Cloudflare Worker can reveal the attacker's presence and their intent.
Much of our security work is communicating with colleagues throughout the org. 10 habits that sharpen how the technical work gets heard. https://zeltser.com/strong-communication-skills
Explaining security and IT work is often harder than the work itself. Ten habits will sharpen how you explain it to specialists, executives, and everyone in between.