Ochaun Marshall

Ochaun Marshall is a consultant with a background in education, big data, and machine learning. He has presented findings for the National Science Foundation on automated network intrusion detection, and taught courses on computer science and software development at the secondary and collegiate levels. He is passionate about software engineering instruction, computational ethics and secure software design in the SDLC. In his spare time, he enjoys reading and listening to podcasts at x1.75 speed.

image of crowd protesting with one man highlighted read in the center

The OPSEC of Protesting

For the past three months thousands of people have been protesting in the United States due to the deaths of George Floyd, Breonna Taylor, Tony McDade, and others. Many of the protesters are posting, recording, and streaming live while demonstrating. This begs the question… How do I protect myself online while protesting?  Most of the …

The OPSEC of Protesting Read More »

[Update] Using Components with Known Vulnerabilities

When an organization has a breach, you would like to imagine that the attacker crafted a new exploit, leveraging a zero-day vulnerability that no one has any protection against. However, It is far more likely that the attacker exploited well-known vulnerabilities that may have been residing within their systems for months, if not years.  Attackers …

[Update] Using Components with Known Vulnerabilities Read More »

IAM Access Analyzer Review

TL;DR – This is a free tool that helps solve one of the biggest security problems when working in AWS. Turn it on. Turn it on now! Instructions are here.  AWS misconfigurations are costly and difficult problems to solve. A lot of what goes wrong in with S3 and IAM policies is the fact that …

IAM Access Analyzer Review Read More »

Taming the Jungle: Hardening your AWS infrastructure

After nine tutorials, sixteen posts on stack overflow, and several hours or workweeks of effort you’ve finally done it. You’ve finally got something in Amazon Web Services (AWS) to work as expected. It could have been something as simple as a static hosted site, or as complicated as a massive blockchain distributed machine learning web …

Taming the Jungle: Hardening your AWS infrastructure Read More »

Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat

As of 2019-05-14 the Funny Stories section has been updated. Now that we understand what the goal is from my first blog post, we can move into the good stuff! The packer build process is pretty much the whole reason I embarked on this journey of automation. I got tired of installing kali from an …

Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat Read More »

Scroll to Top