Adam Messer

whoami ?

I am a senior threat hunter and technical lead with four years of experience defending networks and conducting incident response to detect malicious cyber actors. I served four years as an Army Cyber officer, and I'm currently transitioning out of the military and seeking roles where I can apply my leadership and technical expertise. I'm passionate about threat hunting, cloud technologies, machine learning and where they converge!

This Site - AWS Backend

This website is a product of the Cloud Resume Challenge. It's hosted and supported by a variety of Amazon Web Service (AWS) services. Note the Visitor Count on the right toolbar that tracks every new visit to the site!

Here's a look at just some of the services and work that went into configuring this cloud native website.

  • Serverless Lambda Functions
  • S3 Bucket Static Site Hosting
  • DynamoDB Backend
  • Route 53 DNS Routing
  • Cloudfront Content Delivery
  • Terraform Infrastructure-As-Code

Experiences

Below is a summary of my education, certifications, published writing, and cyber projects.

Education

I graduated with a B.S. in Systems Science and Engineering from a top 25 university and recently completed a M.S. in Cybersecurity.

  • B.S. in Systems Science and Engineering - Washinton University in St. Louis - 2020
    • Concentration in Mechanical Engineering
    • Minor in Writing
  • M.S. in Cybersecurity and Information Assurance - Western Governor's University - 2022
    • Capstone in Enterprise Security Data Visibility Analysis and Improvement

Certifications

Verify my credentials with Credly.

  • Offensive Security Certified Professional (OSCP)
  • GIAC Machine Learning Engineer (GMLE)
  • GIAC Cloud Penetration Tester (GCPN)
  • GIAC Cloud Forensics Responder (GCFR)
  • ISC2 Associate
  • CompTIA Linux+
  • AWS Certified Cloud Practitioner
  • EC-Council Certified Ethical Hacker (CEH)

Cyber Projects

Here's the short list of my favorite previous and ongoing cyber projects:

  • Cloud Resume Challenge

    • The only way to confidently find threats in cloud infrastructure is to understand the assets they aim to exploit! The CRC requires its challengers to grasp, develop, and secure multiple cloud services. One of the best takeaways from this project was a greater understanding of how Identity works in AWS - outside of just IAM. I decided to take an extensible, realistic, and applicable approach to managing identity by configuring AWS Organizations, AWS SSO, and secure AWS CLI access.

  • Autoaudit - A Lightweight Bash Program to Detect Log Tampering and Identity Attacks

    • Early in my cybersecurity career, I identified Linux systems as a personal shortcoming. Determined to do better, I studied for and passed the Linux+ certification, also developing a new appreciation for the OS. As part of my ongoing exploration, I built a lightweight Bash tool that will detect log tampering and authentication attacks in the often-overlooked utmp, btmp, and wtmp logs. You can view the script and try it out for yourself at my Github and read this Medium write-up!

  • Native Bash Implementation of DBSCAN

    • I saw a lot of value in having a lightweight, extensible implentation of Density Based Spatial Clustering with Applications of Noise (DBSCAN) written in Bash (shell)... so I wrote it out. This project helped develop my understanding of machine learning and Bash - and as far as I'm aware - there's no other Bash DBSCAN program out there. It can be found on my Github.

Cloud Forensics

I use a DFIR lab built on AWS resources for Windows, Linux, and AWS forensics and detection engineering. I'm gradually writing new material about what I've done to share with the greater community. All my material can be found on my Medium blog or below:

Contact Me

I'm open for inquiries regarding employment and always ready to discuss an exciting project in cybersecurity. To receive a copy of my resume or get in touch, please reach out to me on my LinkedIn.