Spencer Alessi
@bsky.ethicalthreat.com
- pentester/recovering sysadmin
- Ethical Threat
- Active Directory Security Connoisseur
- offensive stuff > securit360.com
- Host Cyber Threat POV > offsec.blog
- SWAG > swag.ethicalthreat.com
- free newsletter > https://click.spenceralessi.com/mylinks
- Ethical Threat
- Active Directory Security Connoisseur
- offensive stuff > securit360.com
- Host Cyber Threat POV > offsec.blog
- SWAG > swag.ethicalthreat.com
- free newsletter > https://click.spenceralessi.com/mylinks
In cybersecurity and in life...
July 7, 2025 at 2:07 PM
In cybersecurity and in life...
more alerts != better threat detection
i'm a big fan of deception for a couple reasons:
1) because of the quality of the alerts
i'm a big fan of deception for a couple reasons:
1) because of the quality of the alerts
July 1, 2025 at 8:23 PM
more alerts != better threat detection
i'm a big fan of deception for a couple reasons:
1) because of the quality of the alerts
i'm a big fan of deception for a couple reasons:
1) because of the quality of the alerts
What a great idea...time to spin up an AI agent to analyze all of John Hammond's videos 😋😎
For real though someone build this and open source it. 10/10 would use it
For real though someone build this and open source it. 10/10 would use it
June 24, 2025 at 1:13 PM
What a great idea...time to spin up an AI agent to analyze all of John Hammond's videos 😋😎
For real though someone build this and open source it. 10/10 would use it
For real though someone build this and open source it. 10/10 would use it
If you think these graphic design skills are good, just wait until you see the webinar...
Agenda: convince anyone not using deception currently to start...
us06web.zoom.us/webinar/regi...
Agenda: convince anyone not using deception currently to start...
us06web.zoom.us/webinar/regi...
June 20, 2025 at 12:42 PM
If you think these graphic design skills are good, just wait until you see the webinar...
Agenda: convince anyone not using deception currently to start...
us06web.zoom.us/webinar/regi...
Agenda: convince anyone not using deception currently to start...
us06web.zoom.us/webinar/regi...
What a time to be alive…
June 18, 2025 at 7:05 PM
What a time to be alive…
Scare a sysadmin in 3 words or less
June 9, 2025 at 2:07 PM
Scare a sysadmin in 3 words or less
What’s the cybersecurity equivalent of a tourniquet?
Isolation/containment via EDR…
Logging a user out everywhere in M365…
Pulling the power cord…
What else?
Isolation/containment via EDR…
Logging a user out everywhere in M365…
Pulling the power cord…
What else?
May 28, 2025 at 2:12 PM
What’s the cybersecurity equivalent of a tourniquet?
Isolation/containment via EDR…
Logging a user out everywhere in M365…
Pulling the power cord…
What else?
Isolation/containment via EDR…
Logging a user out everywhere in M365…
Pulling the power cord…
What else?
I was trying to get ChatGPT to create mock-ups of heatmaps or "x-rays" I can use to better articulate where specific risks/vulns/misconfigs are present. This is my first attempt...is it wrong? 😅😂
May 27, 2025 at 1:13 PM
I was trying to get ChatGPT to create mock-ups of heatmaps or "x-rays" I can use to better articulate where specific risks/vulns/misconfigs are present. This is my first attempt...is it wrong? 😅😂
You know you're doing this security thing right....or horribly terribly wrong when you log into your VM and upon logon to a host you see this...
Did I do that? 🤔😅
Did I do that? 🤔😅
May 26, 2025 at 2:07 PM
You know you're doing this security thing right....or horribly terribly wrong when you log into your VM and upon logon to a host you see this...
Did I do that? 🤔😅
Did I do that? 🤔😅
This question…but for cybersecurity.
My response: Trust by default. Now it’s verify everything, assume breach, least privilege, segmentation, etc.
What do you think?
My response: Trust by default. Now it’s verify everything, assume breach, least privilege, segmentation, etc.
What do you think?
May 20, 2025 at 1:13 PM
This question…but for cybersecurity.
My response: Trust by default. Now it’s verify everything, assume breach, least privilege, segmentation, etc.
What do you think?
My response: Trust by default. Now it’s verify everything, assume breach, least privilege, segmentation, etc.
What do you think?
The thing is... I don't see this ever changing. People will always find the path of least resistance to get their work done. We have to design and secure in spite of that, not try to change it.
Source: 2025 Verizon DBIR
Source: 2025 Verizon DBIR
May 16, 2025 at 11:37 AM
The thing is... I don't see this ever changing. People will always find the path of least resistance to get their work done. We have to design and secure in spite of that, not try to change it.
Source: 2025 Verizon DBIR
Source: 2025 Verizon DBIR
This stuff takes time...💃🕺
Source: 2025 Verizon DBIR
Source: 2025 Verizon DBIR
May 16, 2025 at 11:33 AM
This stuff takes time...💃🕺
Source: 2025 Verizon DBIR
Source: 2025 Verizon DBIR
Every Monday I send a free weekly newsletter that includes a combination of...My take on current events and actionable tips for defenders to help you secure your environments. Inboxes are noisy these days, but I would love the chance to earn a spot in yours.
go.spenceralessi.com/mylinks
go.spenceralessi.com/mylinks
May 13, 2025 at 1:13 PM
Every Monday I send a free weekly newsletter that includes a combination of...My take on current events and actionable tips for defenders to help you secure your environments. Inboxes are noisy these days, but I would love the chance to earn a spot in yours.
go.spenceralessi.com/mylinks
go.spenceralessi.com/mylinks
You've got about 2 weeks to patch edge devices when vulnerability or exploitation information is publicly disclosed, but to be honest I think that's a bit generous...
Source: Mandiant M-Trends 2025
Source: Mandiant M-Trends 2025
May 6, 2025 at 8:23 PM
You've got about 2 weeks to patch edge devices when vulnerability or exploitation information is publicly disclosed, but to be honest I think that's a bit generous...
Source: Mandiant M-Trends 2025
Source: Mandiant M-Trends 2025
As much as the industry is moving forward and security is getting so much better, there's an equal amount of systems and processes that are still very much stuck in the past...
May 5, 2025 at 2:07 PM
As much as the industry is moving forward and security is getting so much better, there's an equal amount of systems and processes that are still very much stuck in the past...
It’s probably time we retire VPNs. There’s much better options now, like zscaler and tailscale and others.
The rate at which these VPN appliances are being attacked and exploited doesn’t seem to be slowing down
Source: 2025 Verizon DBIR
The rate at which these VPN appliances are being attacked and exploited doesn’t seem to be slowing down
Source: 2025 Verizon DBIR
May 1, 2025 at 1:34 PM
It’s probably time we retire VPNs. There’s much better options now, like zscaler and tailscale and others.
The rate at which these VPN appliances are being attacked and exploited doesn’t seem to be slowing down
Source: 2025 Verizon DBIR
The rate at which these VPN appliances are being attacked and exploited doesn’t seem to be slowing down
Source: 2025 Verizon DBIR
Prevention > Detection.
Let’s make attackers hate their life.
No doubt EDR is essential, but it’s not a silver bullet.
Let’s make attackers hate their life.
No doubt EDR is essential, but it’s not a silver bullet.
April 22, 2025 at 8:23 PM
Prevention > Detection.
Let’s make attackers hate their life.
No doubt EDR is essential, but it’s not a silver bullet.
Let’s make attackers hate their life.
No doubt EDR is essential, but it’s not a silver bullet.
ChatGPT knows us so well 😂😅
April 8, 2025 at 8:23 PM
ChatGPT knows us so well 😂😅
Life as a sysadmin, am I right? Sometimes I miss the job… 😅🤘🎸
April 7, 2025 at 2:07 PM
Life as a sysadmin, am I right? Sometimes I miss the job… 😅🤘🎸
Security is a journey, we all know that...You don’t need to overhaul everything overnight, nor could you even if you wanted to. But you do need to start. Prioritize one item per month. Small wins over time really add up...
April 3, 2025 at 1:34 PM
Security is a journey, we all know that...You don’t need to overhaul everything overnight, nor could you even if you wanted to. But you do need to start. Prioritize one item per month. Small wins over time really add up...
Who needs the latest and greatest C2 when you've got RMM, RDP and a dream...
March 25, 2025 at 8:09 PM
Who needs the latest and greatest C2 when you've got RMM, RDP and a dream...