Hanging out where digital forensics meets incident response and threat intel.
“I was in grad school in 1994, and came across something interesting. The "finger" app was described as a 'security vulnerability'. I had no idea why this was the case, so I asked the senior sysadmin for the curriculum. She looked at me, smiled, and walked away without saying a word.” So began Harlan’s affinity for digging into head-scratching security questions.
Harlan is Staff Threat Intel Analyst, Adversary Tactics here at ĢTV, poised at the intersection of digital forensics and incident response, threat hunting, and threat intel.
He draws on 20+ years of DFIR (Digital Forensics and Incident Response) experience to focus on threat intelligence, which essentially means unraveling how threat actors try to gain entry on endpoints and finding ways to detect that activity sooner in the attack cycle. Prior to ĢTV, Harlan ran the internal SOC at EY.
But he doesn’t keep it all to himself: Harlan is an accomplished public speaker, writer, innovative researcher, and analyst. As a published author (besides the below blog posts!), Harlan has, including the first book of its kind offering an analysis of the Windows Registry.
When he’s not at work, Harlan enjoys programming in Perl, reading, writing, and working around the farm.
What's your favorite cybersecurity tip, Harlan?
“Do the basics well, beginning with an asset inventory and attack surface reduction.”