Marcus Hutchins :verified: on Nostr: The one part of my career that I feel is missing the most is working for some kind of ...
The one part of my career that I feel is missing the most is working for some kind of service provider. Doing external CTI, I got really good at tracking threat actors without needing access to the networks they're targeting.
Typically some organization will see some bad activity, tip me off with what they saw, then I'd often be able to track down the threat actor's infrastructure and see what else they're doing, as well as find other companies they've breached in the process.
The holy grail would be to apply those skills while working for an MSSP, ISP, EDR provider, or similar. Somewhere with access to telemetry from thousands of networks. Could just track the threat actors to find new breached networks, and track the breached networks to find new threat actors. Infinite cybersecurity glitch.
Typically some organization will see some bad activity, tip me off with what they saw, then I'd often be able to track down the threat actor's infrastructure and see what else they're doing, as well as find other companies they've breached in the process.
The holy grail would be to apply those skills while working for an MSSP, ISP, EDR provider, or similar. Somewhere with access to telemetry from thousands of networks. Could just track the threat actors to find new breached networks, and track the breached networks to find new threat actors. Infinite cybersecurity glitch.