Laws of Security


I’m a security professional with over two decades of experience working across all domains of security. I specialize in understanding how adversaries think, and disrupting the inherent asymmetry of security.

I created this site as a way to share lessons learned and what I think a good security mindset should be. I run a blog called Modern Adversary, where these subjects are explored further.


The information and suggestions in this site are provided as is, and without a warranty of any kind. You assume all risks that might come from following or using anything on this website. I am not responsible if things don't work, things get broken, or security gets bypassed or compromised. You are the only responsible party here. If you don't agree, do not read this website, and do not apply anything despicted here.


The opinions expressed in this site are mine, and are not official statements of my current or past employer, current or past team, current or past customers, or anyone else but mine.


This site has no tracking, no cookies, and nothing that can identify you or track you. It doesn't record any visits, and it doesn't store any information about you.