Lenny Zeltser


Builder of security products and programs. Teacher of those who run them.

I'm a cybersecurity executive with deep technical roots, product management experience, and a business mindset. I've built security products and programs from early stage to enterprise scale. I'm also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. I share perspectives on security leadership and technology at zeltser.com.

#CISO #CyberSecurity #malware #infosec #fedi22 #searchable

About: https://zeltser.com/about
Blog: https://zeltser.com/writing
LinkedIn: https://www.linkedin.com/in/lennyzeltser/
Twitter: https://x.com/lennyzeltser

A decoy persona alerts you when an attacker probes your directory or public profiles. When they can't tell the bait from real identities, you create an asymmetry that gives you the upper hand.

https://zeltser.com/the-notion-of-a-honeypot-persona

#deception #socialengineering

Plant Decoy Personas to Detect Impersonation Attacks

Decoy personas extend honeytoken thinking to user accounts and public profiles. The technique gives defenders a tripwire on the identity surface that other detection layers don't cover.


We've all heard, and many of us have made, security claims that sound airtight in a single sentence, skipping the caveats that decide whether the promise actually holds up.

https://zeltser.com/convenient-lies-in-information-security

#leadership #riskmanagement

9 Convenient Lies in Cybersecurity

Familiar security claims like "we use AES-256" or "we're SOC 2 compliant" are technically true. Each one omits conditions that determine risk, and we need to communicate them carefully to avoid misleading users and customers.


Tech and security interviews require homework on the company, the role, the people, and the discussion rounds. AI can help with the research and practice once you understand what to prepare.

https://zeltser.com/interviewing-tips-for-it-job-candidates

#career #communication

5 Interviewing Tips for Tech and Cybersecurity Jobs

Strong technical skills get you to the interview, but preparation gets you the offer. Show up having done the homework that many candidates skip.


The career-shaping work happens in the years before the job search. Reputation, relationships, and visible work are what land the right role. The resume's job ends at initial screening.

https://zeltser.com/stop-relying-on-your-resume

#career #communication

Stop Relying on Your Resume

A resume gets you past initial screening. Reputation, relationships, and visible work built in the years before the search are what land the right role.


Having interviewed many candidates, I can tell within minutes whether someone prepared for the discussion. A few hours of focused prep often makes the difference between getting the offer and getting a polite no.

https://zeltser.com/interviewing-tips-for-it-job-candidates

#career #communication


The REMnux MCP server can now draft malware analysis reports using my new report template:

https://zeltser.com/ai-malware-analysis-remnux

#malwareanalysis #remnux

Using AI Agents to Analyze Malware on REMnux

To analyze malware effectively, AI agents need practitioners' expertise and access to the analysis tools. The REMnux MCP server provides both, connecting AI to 200+ tools on REMnux with guidance on which to run and how to interpret their output.


Self-hosted Algo on DigitalOcean lets us treat the VPN exit IP as disposable. After investigating malicious infrastructure, destroy the droplet, redeploy in minutes, and the next project starts from a clean IP.

https://zeltser.com/deploy-algo-vpn-digital-ocean

#cloud #networking

How to Deploy Your Own Algo VPN Server in the DigitalOcean Cloud

Tunneling connections through a VPN in a public cloud helps conceal your origin and safeguard traffic when performing security research or connecting over untrusted networks. Algo VPN is an open-source bundle designed for self-hosted VPN services that's easy to deploy on DigitalOcean and relies only on modern protocols and ciphers.


I updated my cheat sheet for creating cybersecurity assessment reports. It's a one-page doc, which you can customize:

https://zeltser.com/security-assessment-report-cheat-sheet

#assessments #riskmanagement

Tips for Creating a Strong Cybersecurity Assessment Report

In a strong cybersecurity assessment report, you rate each finding by its risk to the organization rather than its raw tool score. You give readers the context and remediation steps they need to act on it. This cheat sheet covers how to analyze the data, document scope and methodology, write up findings and fixes, and serve both the executives and engineers who read the report.


The people who handle breaches all day may be the worst at protecting themselves. Feeling invulnerable is what lets us function around constant threat, the way it lets doctors work around disease. Warnings about our own risk rarely stick.

https://zeltser.com/illusion-of-invulnerability

#riskmanagement

The Illusion of Invulnerability in Cybersecurity

Healthcare workers wash hands more often when signs emphasize protecting patients rather than themselves, because people overestimate their own invulnerability but not others'. Security messaging may be more effective when highlighting risks to customers or colleagues rather than to the individuals receiving the message.


A decoy fires only when someone accesses a resource no legitimate user would touch. Plant tripwires across network, identity, data, and AI agent configs to create asymmetry in your security architecture.

https://zeltser.com/protean-information-security-architecture

#deception #tools

Building Deception Into Your Security Architecture

Decoys add strategic asymmetry to your security architecture, strengthening your advantage against the attacker. Plant tripwires across network, identity, data, and AI agent configs for high fidelity alerts.
