Jorge OrchillesPurple Team Exercise ToolsThis post is a compilation of tools used for simulating tactics, techniques, and procedures (TTPs) in Purple Team Exercises. Tools are…Apr 29, 20201Apr 29, 20201
Jorge OrchillesEthical Hacking DefinitionsI continually hear “ethical hacking” or “offensive security” terminology used incorrectly (by regulators, customers, etc). This post…Apr 21, 2020Apr 21, 2020
Jorge OrchillesVulnerability Management is Hard! How do you prioritize what to patch?I have spent the last 10 years learning about vulnerability management. Like everything else in information security, there is no end…Apr 17, 2020Apr 17, 2020
Jorge OrchillesC2 MatrixThe goal of the C2 Matrix is to document, compare, and contrast C2 frameworks to facilitate the determination of the best one for your…Nov 19, 2019Nov 19, 2019
Jorge OrchillesThoughts on Exploit Prediction Scoring System (EPSS)At Blackhat 2019, a team of researchers presented on an Exploit Prediction Scoring System. The research was published and is available…Sep 4, 2019Sep 4, 2019
Jorge OrchillesReading for HackersI was recently asked to recommend books for students and people looking to get into information security. Reading is very important in…Sep 4, 2019Sep 4, 2019