Mick has always enjoyed working with computers and securing systems and quickly became a systems administrator. While working at a marketing firm, he received a penetration test. The report was a bloodbath. His code was highly vulnerable and it hurt to know that his "baby" was so open for attack. When Mick asked the pen testers what he should do, they couldn't provide workable solutions. He vowed to get his revenge in the follow-up assessment, by not only securing his code and systems but making them actively hostile. This included honeypots, automated response, and numerous other tricks to confuse and frustrate. After months of study and experimentation, the follow-up test resulted in the company quitting mid engagement. He was hooked... and hasn’t looked back since.
Mick’s experience in Systems and cybersecurity is varied and eclectic. He built the provisioning system used by LCI/Qwest for long-distance orders, helped ensure network speed and reliability at UUNet, ran the production hosting systems for Resource Marketing (the marketing firm behind brands such as Apple, Walmart, HP, and Victoria’s Secret), was the lead technical security engineer at OCLC (a global not-for-profit library collective) and team lead for one of the penetration testing teams at Bank of America. He’s also worked as a consultant for Diebold, Black Hills Infosec, and Binary Defense before founding InfoSec Innovations, which he considers the highlight of his career. He’s most proud of hiring interns and subcontractors to help bring about his vision of how an information security consultancy can be run. He plans to change the industry and that requires a mix of the right staff, clients, and opportunities.
Mick believes that the greatest challenge that students face is that adversaries are well funded and highly skilled, something he deals with as well. With a modest investment of time each week, he believes students can make changes to their environment that will result in a superior defensive stance. In time, these incremental improvements result in a resilient and tamper-evident network. Mick is always excited about the opportunity to share with others so they do not have to learn the hard way. By studying with Mick, security professionals of all abilities will gain useful tools and skills that should make their jobs easier.
Mick is proud of Powercat, a netcat tool that he wrote in PowerShell 2.0 to allow maximum portability on all PowerShell enabled hosts and Fantastic, a powerful systems administration tool with a helpful web gui which makes it easier for people to secure their systems. When he's not "geeking out" you'll likely find Mick indulging in one of his numerous hobbies; photography, hiking, sailing, scuba diving pretty much anything outdoors.
Powercat - Netcat implementation in PowerShell 2.0 to allow maximum portability on all PowerShell enabled hosts.
Pause-Process - PowerShell script which allows one to pause/unpause a running application. Makes use of existing OS functionality so there is no need to install any additional components. Can be used to allow defenders to respond at a lower threshold.
Fantastic - is a visualizing tool made by InfoSec Innovations for exploring computer networks. It aims to provide a way for network security novices and professionals alike to find and fix security issues.
Watch Mick talk about his class in, "All you need to know about SEC555 - SIEM with Tactical Analysis"
WEBCASTS AND TALKS
- SANS Blueprint Podcast "Simplifying your Logging Strategy with the What2Log Project", April 2021
- SANS Webcast "ZOMG it's Zoom", April 2020
- SANS Webcast "Pen Testing with PowerShell: Automating the Boring so You Can Focus on the FUN!", September 2018
- SANS Webcast "Pen Testing with PowerShell: Local Privilege Escalation Technique", September 2018
- SANS Webcast "Pen Testing with PowerShell: Data Exfiltration Techniques", August 2018
- SANS Webcast "PowerShell for PenTesting", July 2018
- Watch Mick discuss "Pausing Processes with PowerShell"
- See the KringleCon edition of "PowerShell for PenTesters"
- Created by Mick, find the Pause-Process tool here