Lenny Zeltser
@lennyzeltser.com
Which malware analysis toolkits and frameworks should you consider including in your workflow? Here's my overview:
Free Toolkits and Frameworks for Malware Analysis
Open-source sandbox platforms, analysis environments, and AI-assisted tools let you build your own malware analysis capability without commercial licenses. Options include CAPEv2, DRAKVUF Sandbox, REM...
zeltser.com
February 10, 2026 at 5:56 PM
Which malware analysis toolkits and frameworks should you consider including in your workflow? Here's my overview:
The new REMnux MCP server connects AI agents to 200+ malware analysis tools on REMnux. I was surprised at the depth of investigation it delivers. Most of my time went into capturing how I approach the analysis and providing guidance to AI at the right time, so it can think and adapt as it works.
Using AI Agents to Analyze Malware on REMnux
To analyze malware effectively, AI agents need practitioners' expertise and access to the analysis tools. The REMnux MCP server provides both, connecting AI to 200+ tools on REMnux with guidance on wh...
zeltser.com
February 9, 2026 at 2:22 PM
The new REMnux MCP server connects AI agents to 200+ malware analysis tools on REMnux. I was surprised at the depth of investigation it delivers. Most of my time went into capturing how I approach the analysis and providing guidance to AI at the right time, so it can think and adapt as it works.
What if the CISO's real job is calibrating the right amount of insecurity? Frame the role around that and you become an enabler, not an obstacle. The acronym still works.
The Chief Insecurity Officer
What if the CISO's job isn't to maximize security but to calibrate the right amount of insecurity? Reframing the role this way turns security leaders from obstacles into enablers of business velocity.
zeltser.com
January 28, 2026 at 8:17 PM
What if the CISO's real job is calibrating the right amount of insecurity? Frame the role around that and you become an enabler, not an obstacle. The acronym still works.
I released a free tool to generate animated, annotated replays of text conversations, so you can embed them in articles, training, and docs. For example, it's a nice way to explain influence tactics of a social engineering scam. See it in action:
Interactive Replays of Conversations: A New Tool
Conversation replays add an engaging dimension to training materials and docs. Save the conversation and your annotations in a data file, then use my tool to generate a self-contained HTML player you ...
zeltser.com
January 16, 2026 at 2:28 AM
I released a free tool to generate animated, annotated replays of text conversations, so you can embed them in articles, training, and docs. For example, it's a nice way to explain influence tactics of a social engineering scam. See it in action:
How to give AI raw incident notes and get a solid draft of an IR report? Now you can point your AI tool at my MCP server for guidance based on proven writing principles. Your data isn't shared with my server; it only provides guidance.
Write Good Incident Response Reports Using Your AI Tool
I released an MCP server to give your AI expertise to write good IR reports from raw notes or to get constructive feedback on existing content. You can replicate my approach to codify your own experti...
zeltser.com
January 14, 2026 at 4:01 PM
How to give AI raw incident notes and get a solid draft of an IR report? Now you can point your AI tool at my MCP server for guidance based on proven writing principles. Your data isn't shared with my server; it only provides guidance.
I released a tool for making your website or docs easily available to AI assistants via an MCP server. This helps ensure people's AI tooling can access the latest details at the right time. For instance, this is how REMnux users now can get info about its malware analysis tools.
Publishing Your Website Content to AI Assistants
When people ask AI assistants about your product or project, they often get outdated information. Here's how to publish your static website content directly to AI tools using Cloudflare Workers and th...
zeltser.com
January 12, 2026 at 7:47 PM
I released a tool for making your website or docs easily available to AI assistants via an MCP server. This helps ensure people's AI tooling can access the latest details at the right time. For instance, this is how REMnux users now can get info about its malware analysis tools.
While cybersecurity and data privacy leaders have distinct expertise, their goals are aligned. Edy Glozman and I discussed how these functions can support each other based on our collaboration at Axonius:
zeltser.com/security-pri...
zeltser.com/security-pri...
How Security and Privacy Teams Break Barriers Together
While cybersecurity and data privacy leaders have distinct expertise, our fundamental goals are aligned. By understanding each other’s perspectives and priorities, we can support each other to stre
zeltser.com
June 27, 2025 at 7:27 PM
While cybersecurity and data privacy leaders have distinct expertise, their goals are aligned. Edy Glozman and I discussed how these functions can support each other based on our collaboration at Axonius:
zeltser.com/security-pri...
zeltser.com/security-pri...
Here are the key trends that cybersecurity leaders should keep in mind for our work in 2025:
The CISO’s Midset for 2025: Outcomes, Automation, and Leadership
As the year 2025 rushes forward, the responsibilities of CISOs are continuing to evolve. We increasingly recognize the importance of not just identifying risks but actively addressing them through di
zeltser.com
February 11, 2025 at 3:21 PM
Here are the key trends that cybersecurity leaders should keep in mind for our work in 2025:
Reposted by Lenny Zeltser
Terrible news today about the loss of Amit Yoran. He was a larger than life figure in cybersecurity and we will be lesser without him. May his family and friends find peace.
January 4, 2025 at 6:34 PM
Terrible news today about the loss of Amit Yoran. He was a larger than life figure in cybersecurity and we will be lesser without him. May his family and friends find peace.
Reposted by Lenny Zeltser
Happy birthday to the unusual number of my cybersecurity friends who all have January 1st birthdays on Facebook! 🧐🧐🧐
January 2, 2025 at 1:47 PM
Happy birthday to the unusual number of my cybersecurity friends who all have January 1st birthdays on Facebook! 🧐🧐🧐
Reposted by Lenny Zeltser
For those going home to visit family this weekend:
• Samsung calls it Auto Motion Plus
• LG calls it TruMotion
• Sony calls it Motionflow
• Roku calls it Action Smoothing
• Google TV calls it Motion Enhancement
• Vizio calls it Smooth Motion Effect.
• Samsung calls it Auto Motion Plus
• LG calls it TruMotion
• Sony calls it Motionflow
• Roku calls it Action Smoothing
• Google TV calls it Motion Enhancement
• Vizio calls it Smooth Motion Effect.
November 25, 2024 at 11:31 PM
For those going home to visit family this weekend:
• Samsung calls it Auto Motion Plus
• LG calls it TruMotion
• Sony calls it Motionflow
• Roku calls it Action Smoothing
• Google TV calls it Motion Enhancement
• Vizio calls it Smooth Motion Effect.
• Samsung calls it Auto Motion Plus
• LG calls it TruMotion
• Sony calls it Motionflow
• Roku calls it Action Smoothing
• Google TV calls it Motion Enhancement
• Vizio calls it Smooth Motion Effect.
Reposted by Lenny Zeltser
Just because you’re good at a job doesn’t mean you’ll necessarily be equally good as the manager of people doing that job.
November 21, 2024 at 5:34 AM
Just because you’re good at a job doesn’t mean you’ll necessarily be equally good as the manager of people doing that job.
Reposted by Lenny Zeltser
You can keep up to date on which AI search companies haven’t bent the knee to Amazon pretty easily via their robots.txt:
November 22, 2024 at 8:34 PM
You can keep up to date on which AI search companies haven’t bent the knee to Amazon pretty easily via their robots.txt:
Reposted by Lenny Zeltser
PyPI adds digital attestations to bolster Python package security. #Python #PyPI #Security
PyPI Now Supports Digital Attestations for Package Security
PyPI adds digital attestations to bolster Python package security. #Python #PyPI #Security
blog.pypi.org
November 17, 2024 at 12:31 PM
PyPI adds digital attestations to bolster Python package security. #Python #PyPI #Security
Reposted by Lenny Zeltser
woot woot, we just got @huntress.com up. keep an eye out for new content there! 🥳🎉
November 13, 2024 at 9:32 PM
woot woot, we just got @huntress.com up. keep an eye out for new content there! 🥳🎉
Reposted by Lenny Zeltser
I’ve created a Starter Pack around cyber threat intelligence to make it easier to find that community here on Bluesky. Let me know of folks I missed, as I’m sure there are many! go.bsky.app/TxQYHap
November 9, 2024 at 11:08 PM
I’ve created a Starter Pack around cyber threat intelligence to make it easier to find that community here on Bluesky. Let me know of folks I missed, as I’m sure there are many! go.bsky.app/TxQYHap
Security teams' visibility allows us to help the company lower expenses while also decreasing risk. Reducing costs associated with unneeded user accounts and apps, for example, is another way for security leaders to add value:
Security Leaders Can Lower Expenses While Reducing Risk
As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve
zeltser.com
August 23, 2023 at 1:46 PM
Security teams' visibility allows us to help the company lower expenses while also decreasing risk. Reducing costs associated with unneeded user accounts and apps, for example, is another way for security leaders to add value:
Reposted by Lenny Zeltser
I am the greatest Prompt Engineer in the world.
July 12, 2023 at 11:44 PM
I am the greatest Prompt Engineer in the world.
How long until adventurous skiers replace their ski goggles with Apple Vision Pro?
June 6, 2023 at 3:10 AM
How long until adventurous skiers replace their ski goggles with Apple Vision Pro?
Kvetching about bad business and security practices is therapeutic, so I wrote this: Withholding SSO from customers is bad for business and security. https://zeltser.com/witholding-sso/
May 26, 2023 at 2:19 AM
Kvetching about bad business and security practices is therapeutic, so I wrote this: Withholding SSO from customers is bad for business and security. https://zeltser.com/witholding-sso/
Reposted by Lenny Zeltser
We ran an editorial at Scientific American about the overwhelming evidence that school should start later. A teacher got his students to write to us & the school! changed! its! schedule!!! https://www.scientificamerican.com/article/high-school-students-need-more-sleep-and-later-school-start-times/
High School Students Need More Sleep and Later School Start Times
After reading a Scientific American editorial on sleep and school start times, students and their teacher wrote to the editors about their experiences. Their district listened, and school will start later next year
www.scientificamerican.com
May 24, 2023 at 12:26 PM
We ran an editorial at Scientific American about the overwhelming evidence that school should start later. A teacher got his students to write to us & the school! changed! its! schedule!!! https://www.scientificamerican.com/article/high-school-students-need-more-sleep-and-later-school-start-times/