Joseph Muniz is a renowned security expert and security artificial intelligence specialist at Microsoft. With a passion for making the world a safer place, he is dedicated to promoting education and research on adversary tactics.

Joseph has over two decades of experience designing security solutions and architectures for Fortune 500 companies and the US Government, serving as a trusted advisor. He is a researcher and thought leader in the industry, regularly speaking at international conferences and contributing to technical magazines. Joseph also develops training for various industry certifications, and has invented the fictitious character of Emily Williams to raise awareness of social engineering.

As the founder of, Joseph has created a valuable resource for security and product implementation. He is the author and contributor of several publications, ranging from security best practices to exploitation tactics. His latest title, The Modern Security Operations Center, was released in 2021 and is his tenth publication.

When not working with technology, Joseph can be found on the soccer field or raising the next generation of hackers – his children. Follow Joseph’s work on Twitter at @SecureBlogger.


Author: The Modern Security Operations Center Spring 2021 Amazon HERE

Author: CCNP Security Virtual Private Networks SVPN 300-730 Spring 2021 Amazon HERE

Author: CCNA Security Cisco Identify Services Engine SISE 300-715 Spring 2020 Oreilly HERE / Pearson HERE

Author: Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer  February 9, 2018 Cisco Press HERE / Amazon HERE

Author: CCNA Cyber Ops SECFND #210-250 Official Cert Guide 1st edition      Spring 2017 Cisco Press – HERE / Amazon HERE

Author: CCNA Cyber Ops SECOPS #210-255 Official Cert Guide 1st edition        Spring 2017 Cisco Press – HERE / Amazon HERE

Author: Digital Forensics and Cyber Crime with Kali Linux Fundamentals — Video  Sept 2017 Cisco Press – HERE

Author: CompTIA Cybersecurity Analyst CSA+ (CS0-001) Complete Video Course and Practice Test — Video  Oct 2017 Pearson – HERE

Author: Security Operations Center: Building, Operating and Maintaining your SOC – November 2015 Cisco Press – Purchase HERE / Amazon HERE

Author: Penetration Testing with Raspberry Pi – January 2015 Packt publishing – Purchase HERE / Amazon HERE / Barnes & Noble HERE

Author: Web Penetration Testing with Kali Linux – August 2013 Packt publishing – Purchase HERE / Amazon HERE / Barnes & Noble HERE

Article: Launching Social Media Based Attack – PenTest Magazine, Nov 2013
Article: Compromising Passwords w/ Kali Linux – PenTest Magazine, July 2013
Reviewer: Kali Linux Social Engineering – Packt Publishing, Dec 2013
Reviewer: Instant XenMobile MDM – Packt Publishing, Sept  2013
Reviewer: Citrix XenMobile Mobile Device Management – Packt Pub, Feb 2014
Reviewer: Getting Started With XenDesktop 7.x – Packt Pub, April 2014
Reviewer: Kali Linux CTF Blueprints– Packt Pub, Aug 2014
Reviewer: Building Virtual Pentesting Labs for Advanced Penetration Testing 2nd edition– Packt Pub, Aug 2016
Reviewer: Penetration Testing with Raspberry Pi  2nd edition– Packt Pub, Dec 2016

Click To See Security Talks

I hold many certifications to include:

  • CMMC Registered Practitioner –
  • AWS Certified Solutions Architect – Associate
  • Certified Information Systems Security Professional CISSP
  • EC-Council Certified Ethical Hacker CEH
  • EC-Council Certified Security Analyst ECSA
  • EC-Council Certified Computer Hacking Forensic Investigator CHFI
  • CompTIA CSA+
  • Certified Penetration Tester IACRB
  • Cisco Certified Design Associate CCDA
  • Cisco Certified Network Associate CCNA
  • Cisco Certified Design Professional CCDP
  • Cisco Certified Network Professional CCNP
  • Cisco Certified Network Professional Security CCNP-Security
  • Cisco Certified Security Professional CCSP
  • Cisco Certified Voice Professional CCVP
  • Cisco Firewall specialistCisco IPS Specialist
  • Cisco Information Security Specialist
  • Cisco Advance Wireless Design Specialist
  • Cisco Advanced Security Field Specialist
  • Cisco IP Communications Support Specialist
  • Cisco Identity Services Engine Certified
  • SourceFire Certified Professional (SFCP)
  • SourceFire Certified Professional (SFCP-AMP)
  • Symantec Data Loss Prevention
  • Symantec PGP Endpoint Encryption
  • Symantec SSE PGP File Encryption
  • Altiris Client Management Suite and Server Management Suite
  • Symantec Network Admission Control
  • RSA DLP Suite Certified Systems Engineer CSE
  • RSA enVision Certified Systems Engineer CSE
  • RSA SecurID Certified Systems Engineer CSE
  • RSA Archer Certified Administrator CA
  • Routing and Switching Solutions for Systems Engineers
  • Information Systems Security (INFOSEC) professional
  • NetWitness SE Certification
  • McAfee Technical Professional Data Protection
  • McAfee Technical Professional Network Defense
  • McAfee Technical Professional Risk & Compliance
  • McAfee Technical Professional Web and Email security
  • McAfee Technical Professional System Security
  • F5 Technical Sales Accreditation
  • Certified Meraki Networking Associate

Masters degree in Cyber Security and Information Assurance

Bachelors degree in Computer Science and Math

Contact: [email protected]

NOTICE ABOUT CONTENT ON THIS BLOG: does not represent or endorse the accuracy or reliability of any information’s, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any products, information’s or any other material displayed,purchased, or obtained by you as a result of an advertisement or any other information’s or offer in or in connection with the services herein. Everything on this blog is based on personal opinion and should be interoperated as such.

18 thoughts on “”

  1. I’d appreciate an offline email exchange.
    The question is to malware / mobile devices and business concerns.
    I’m seeking your input over certain concerns (mobile devices).

  2. Hi Joe,

    I stumbled over your ’Social Media Deception’ and I think it proves a very important point. I am practicing IT security at Coop, Danish leading retailer (at least we think so :-)) with 30.000 employees and 1200 stores across the country. We own 4 different chains, and they all think Facebook is fantastic to sell all our goods.

    I have planned a meeting with all the facebook responable people and the presentation I am making to that meeting will have a bit of content from your presentation – I hope that is ok.

    I have downloaded the PDF version of your talk from RSAs website, and unfortunately for the pages that has a bit of powerpoint action on them (picture over picture overlay), it’s impossible to take screenshots and use that for my own presentation – especially the slides about the impact of social media and people trust people has some points I would like to reuse, but are impossible to see 🙁

    So to make a long story short, I would like to have the PPT version of your talk so I can grab the bits and pieces I need for my (strictly internal) presentation.

    Can I get that?

    Thanks in advance – and thanks for the great talk. I really think it’s spot on!


    1. Hi Klaus,

      I’m glad you liked the presentation and research. I’m more than happy to share our presentation with you. What email address should I send a download link to?

      If it is ok with you, would you mind sharing your final presentation with me? We love hearing about people using the concepts for their security practice.

      Thank you


      1. Hi Joe,

        I thought you could see the email adress I provided with the post – but I guess not.

        Please send the presentation to kap at coop dot dk (trying to not make it myself an easy spam target…)

        I will be happy to send you the presentation – it will be in danish, but if that’s ok with you, it’s ok with me too 🙂



        1. No problem. I just love hearing about how the research is used. I’ll send it later today


          1. Hi Joey, thanks a lot for the presentation. Where should I send my presentation? The email you mention in another post on this site doesn’t work.

            Btw: At Coop we plan to use your case in an internal awareness campaign (a small one, a 2 min video, questionnaire, stickers and posters) – I will keep you posted on how it goes..

            1. Looking forward to seeing it. Send it to the email addresses listed in the ABOUT section of this blog. Thanks!

  3. Joseph, this is Harris Andrea from

    I really love your blog man. You have so much interesting content in here. I’m working in similar fields as you are (network security , cisco asa, penetration testing etc) so I always find your content very useful and helpful.

    Keep up the great work.


    1. Hi Harris. Thanks for the feedback. Let me know if there are other topics you want me to look into.

  4. hi ,

    Is there Anyone help me for my issue which i am having since from last 4 days in my company test network . we have Cisco ASA 5525-X Firewall with firepower module . i have successfully install the sfr up and running . policies are made successfully . but i am having only one issue is actually health summary status is disable . we have version 5.4.0 . kindly please confirm is there any bug in this current version .



    1. Hi Khan,

      You should check out the videos section I have on this blog that showcases how to setup FirePOWER. FYI Firepower 5.4 is a few versions older than the latest, which is 6.1. If you are seeing a health summery status disabled, it may be a license issue. Is your system licensed and which version (smart license or older static)? Worst case, you can open a TAC case or reach out to your technology provider to identify your licensing.

      Hope this helps!

  5. Hey there Joseph…i’m a Cisco customer who has happened upon this site/blog as a result of looking to find add’l info about the FirePOWER services available thru subscription licensing (AMP-N, IPS/IDS, URL) on my ASA-X device. recently we did consult a 3rd party ‘impartial’ to review network security and they emphatically are against this setup in any way/shape/form…and do suggest either of 2 diff ‘top Gartner quadrant’ choices. i figure you have a large bit of bias here, but WHAT is to show that the Cisco/FireP solutions ARE able to be adequately part of a full portfolio of layered security ?

  6. Hi there! I found this blog after reading Pen Testing with Raspberry Pi which is really one of the seminal works on the subject. And what can I say, Joseph really knows his stuff! The articles on social engineering are easily my favorite, but I also found out a lot about lock picking. Whelp, I guess I have a new hobby now…

  7. Excellent material to incorporate it to expand our knowledge.
    Surely, here is NOT everything the author wants to convey and our words are NOT enough to express what I feel.
    We will continue to move forward and thank you very much for the contributions.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.