Disclaimer: The opinions and recommendations displayed here are entirely my own, with no implication given about those held by any client or employer. Articles are published “as is”, without any warranty that it will work for your specific need.

This is the blog for Pat O’Connell, security architect. My security experience first grew out of time working in electoral politics. Unless you know how a person thinks and works, it is impossible to get them to agree to support your goals. It is not a large leap from there to understanding social engineering work, which was my first love in security. I began working on creating trainings for clients to understand how they would be vulnerable to manipulation as well as policy to help protect their interests.

Technology had always been in my blood. I remember building my first computer with my father at a very young age. Figuring out how to break family members’ passwords didn’t come much later (names and birthdays weren’t secure even twenty years ago after all). Over the years I drifted more and more into large-scale distributed technology support, and my security knowledge began dominating my work. Protecting infrastructure across continents was immensely interesting, and I decided to dedicate myself to learning how to do so better.

From there, I branched out into penetration testing and data analytics. I showed clients how attackers would breach their defenses, and how to look for the needles in their log haystacks. This includes developing custom SIEM installations and intelligence to look for any questionable activities to detect. It also included being brought in for incident recovery.

Now, I want to take the opportunity to share some of what I have learned. One of the hardest problems that I had entering the field was even knowing what questions to ask. Here I will share those lessons, as well as my thoughts on anything interesting occurring in the world.

Branding, including the header and favicon images, were designed by Katherine Crawford.