Joseph Muniz is a Security and Artificial Intelligence Advisor at Microsoft and a security researcher. With a passion for making the world a safer place, he is dedicated to promoting education and research on adversary tactics.
Joseph has over two decades of experience designing security solutions and architecture for Fortune 500 companies and the US Government, serving as a trusted advisor. He is a researcher and thought leader in the industry, regularly speaking at international conferences and contributing to technical magazines. Joseph also develops training for various industry certifications and has invented the fictitious character of Emily Williams to raise awareness of social engineering.
As the founder of thesecurityblogger.com, Joseph has created a valuable resource for security and product implementation. He is the author and contributor to several publications, ranging from security best practices to exploitation tactics. His latest title, The Modern Security Operations Center, was released in 2021 and is his tenth publication.
When not working with technology, Joseph can be found on the soccer field or raising the next generation of hackers – his children. Follow Joseph’s work on Twitter at @SecureBlogger.
Publications
Author: The Complete Guide to Microsoft Copilot for Security: Empower and Protect the Security Operations Center (SOC) (Video) October 2024 HERE
Author: The Modern Security Operations Center Spring 2021 Amazon HERE
Author: The Zero Trust Framework August 2023 HERE
Author: CCNP Security Virtual Private Networks SVPN 300-730 Spring 2021 Amazon HERE
Author: CCNA Security Cisco Identify Services Engine SISE 300-715 Spring 2020 Oreilly HERE / Pearson HERE
Author: Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer February 9, 2018 Cisco Press HERE / Amazon HERE
Author: CCNA Cyber Ops SECFND #210-250 Official Cert Guide 1st edition Spring 2017 Cisco Press – HERE / Amazon HERE
Author: CCNA Cyber Ops SECOPS 210-255 Pearson uCertify Course and Labs Student Access Card December 2017 Pearson – HERE
Author: CCNA Cyber Ops SECOPS #210-255 Official Cert Guide 1st edition Spring 2017 Cisco Press – HERE / Amazon HERE
Author: Digital Forensics and Cyber Crime with Kali Linux Fundamentals — Video Sept 2017 Cisco Press – HERE
Author: CompTIA Cybersecurity Analyst CSA+ (CS0-001) Complete Video Course and Practice Test — Video Oct 2017 Pearson – HERE
Author: Security Operations Center: Building, Operating and Maintaining your SOC – November 2015 Cisco Press – Purchase HERE / Amazon HERE
Author: Penetration Testing with Raspberry Pi – January 2015 Packt publishing – Purchase HERE / Amazon HERE / Barnes & Noble HERE
Author: Web Penetration Testing with Kali Linux – August 2013 Packt publishing – Purchase HERE / Amazon HERE / Barnes & Noble HERE
Article: Launching Social Media Based Attack – PenTest Magazine, Nov 2013
Article: Compromising Passwords w/ Kali Linux – PenTest Magazine, July 2013
Reviewer: Kali Linux Social Engineering – Packt Publishing, Dec 2013
Reviewer: Instant XenMobile MDM – Packt Publishing, Sept 2013
Reviewer: Citrix XenMobile Mobile Device Management – Packt Pub, Feb 2014
Reviewer: Getting Started With XenDesktop 7.x – Packt Pub, April 2014
Reviewer: Kali Linux CTF Blueprints– Packt Pub, Aug 2014
Reviewer: Building Virtual Pentesting Labs for Advanced Penetration Testing 2nd edition– Packt Pub, Aug 2016
Reviewer: Penetration Testing with Raspberry Pi 2nd edition– Packt Pub, Dec 2016
I hold many certifications to include:
- CMMC Registered Practitioner – https://cmmcab.org/marketplace/joseph-muniz/
- AWS Certified Solutions Architect – Associate
- Certified Information Systems Security Professional CISSP
- EC-Council Certified Ethical Hacker CEH
- EC-Council Certified Security Analyst ECSA
- EC-Council Certified Computer Hacking Forensic Investigator CHFI
- CompTIA CSA+
- Certified Penetration Tester IACRB
- Cisco Certified Design Associate CCDA
- Cisco Certified Network Associate CCNA
- Cisco Certified Design Professional CCDP
- Cisco Certified Network Professional CCNP
- Cisco Certified Network Professional Security CCNP-Security
- Cisco Certified Security Professional CCSP
- Cisco Certified Voice Professional CCVP
- Cisco Firewall specialistCisco IPS Specialist
- Cisco Information Security Specialist
- Cisco Advance Wireless Design Specialist
- Cisco Advanced Security Field Specialist
- Cisco IP Communications Support Specialist
- Cisco Identity Services Engine Certified
- SourceFire Certified Professional (SFCP)
- SourceFire Certified Professional (SFCP-AMP)
- Symantec Data Loss Prevention
- Symantec PGP Endpoint Encryption
- Symantec SSE PGP File Encryption
- Altiris Client Management Suite and Server Management Suite
- Symantec Network Admission Control
- RSA DLP Suite Certified Systems Engineer CSE
- RSA enVision Certified Systems Engineer CSE
- RSA SecurID Certified Systems Engineer CSE
- RSA Archer Certified Administrator CA
- Routing and Switching Solutions for Systems Engineers
- Information Systems Security (INFOSEC) professional
- NetWitness SE Certification
- McAfee Technical Professional Data Protection
- McAfee Technical Professional Network Defense
- McAfee Technical Professional Risk & Compliance
- McAfee Technical Professional Web and Email security
- McAfee Technical Professional System Security
- F5 Technical Sales Accreditation
- Certified Meraki Networking Associate
Masters degree in Cyber Security and Information Assurance
Bachelors degree in Computer Science and Math
Contact: [email protected]
NOTICE ABOUT CONTENT ON THIS BLOG:
https://www.thesecurityblogger.com does not represent or endorse the accuracy or reliability of any information’s, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any products, information’s or any other material displayed,purchased, or obtained by you as a result of an advertisement or any other information’s or offer in or in connection with the services herein. Everything on this blog is based on personal opinion and should be interoperated as such.
I’d appreciate an offline email exchange.
The question is to malware / mobile devices and business concerns.
I’m seeking your input over certain concerns (mobile devices).
My email is [email protected]. Feel free to email me directly. Thank you
Hi Joe,
I stumbled over your ’Social Media Deception’ and I think it proves a very important point. I am practicing IT security at Coop, Danish leading retailer (at least we think so :-)) with 30.000 employees and 1200 stores across the country. We own 4 different chains, and they all think Facebook is fantastic to sell all our goods.
I have planned a meeting with all the facebook responable people and the presentation I am making to that meeting will have a bit of content from your presentation – I hope that is ok.
I have downloaded the PDF version of your talk from RSAs website, and unfortunately for the pages that has a bit of powerpoint action on them (picture over picture overlay), it’s impossible to take screenshots and use that for my own presentation – especially the slides about the impact of social media and people trust people has some points I would like to reuse, but are impossible to see 🙁
So to make a long story short, I would like to have the PPT version of your talk so I can grab the bits and pieces I need for my (strictly internal) presentation.
Can I get that?
Thanks in advance – and thanks for the great talk. I really think it’s spot on!
/klaus
Hi Klaus,
I’m glad you liked the presentation and research. I’m more than happy to share our presentation with you. What email address should I send a download link to?
If it is ok with you, would you mind sharing your final presentation with me? We love hearing about people using the concepts for their security practice.
Thank you
Joey
Hi Joe,
I thought you could see the email adress I provided with the post – but I guess not.
Please send the presentation to kap at coop dot dk (trying to not make it myself an easy spam target…)
I will be happy to send you the presentation – it will be in danish, but if that’s ok with you, it’s ok with me too 🙂
Thanks
/klaus
No problem. I just love hearing about how the research is used. I’ll send it later today
Joey
Hi Joey, thanks a lot for the presentation. Where should I send my presentation? The email you mention in another post on this site doesn’t work.
Btw: At Coop we plan to use your case in an internal awareness campaign (a small one, a 2 min video, questionnaire, stickers and posters) – I will keep you posted on how it goes..
Looking forward to seeing it. Send it to the email addresses listed in the ABOUT section of this blog. Thanks!
Joseph, this is Harris Andrea from networkstraining.com
I really love your blog man. You have so much interesting content in here. I’m working in similar fields as you are (network security , cisco asa, penetration testing etc) so I always find your content very useful and helpful.
Keep up the great work.
Harris
Hi Harris. Thanks for the feedback. Let me know if there are other topics you want me to look into.
I found this blog as very informative and useful for knowledge enhancement.
Great Work!!!
hi ,
Is there Anyone help me for my issue which i am having since from last 4 days in my company test network . we have Cisco ASA 5525-X Firewall with firepower module . i have successfully install the sfr up and running . policies are made successfully . but i am having only one issue is actually health summary status is disable . we have version 5.4.0 . kindly please confirm is there any bug in this current version .
Thanks,
Khan
Hi Khan,
You should check out the videos section I have on this blog that showcases how to setup FirePOWER. FYI Firepower 5.4 is a few versions older than the latest, which is 6.1. If you are seeing a health summery status disabled, it may be a license issue. Is your system licensed and which version (smart license or older static)? Worst case, you can open a TAC case or reach out to your technology provider to identify your licensing.
Hope this helps!
Great write up Joey!
Hey there Joseph…i’m a Cisco customer who has happened upon this site/blog as a result of looking to find add’l info about the FirePOWER services available thru subscription licensing (AMP-N, IPS/IDS, URL) on my ASA-X device. recently we did consult a 3rd party ‘impartial’ to review network security and they emphatically are against this setup in any way/shape/form…and do suggest either of 2 diff ‘top Gartner quadrant’ choices. i figure you have a large bit of bias here, but WHAT is to show that the Cisco/FireP solutions ARE able to be adequately part of a full portfolio of layered security ?
Hi, Awesome publication! Its amazing how many holes there are in the systems that so many people think are “Secure”
Perhaps your viewers would be interested in the Blog post I am working on now entitled “What kind of locks are there?”
Keep up the good work!
Jim
Hi there! I found this blog after reading Pen Testing with Raspberry Pi which is really one of the seminal works on the subject. And what can I say, Joseph really knows his stuff! The articles on social engineering are easily my favorite, but I also found out a lot about lock picking. Whelp, I guess I have a new hobby now…
Excellent material to incorporate it to expand our knowledge.
Surely, here is NOT everything the author wants to convey and our words are NOT enough to express what I feel.
We will continue to move forward and thank you very much for the contributions.