Seth Feldman
Offense-informed defense
About Me
With nearly two decades of experience in cybersecurity, I specialize in detection engineering, incident response, and building modern, AI-driven security operations tailored to complex environments. I leverage offensive security concepts to enhance defense—thinking like an attacker to stay one step ahead.
Areas of Expertise
Security Architecture & Engineering
- Cloud Security
- Network Architecture
- SIEM & Log Pipelines
- Endpoint Hardening
Threat Detection & Response
- Detection-as-Code
- Threat Hunting
- Incident Response
- MITRE ATT&CK Mapping
Technical Skills
- Detection Engineering
- Cloud & Network Security Architecture
- Threat Intelligence
- Adversary Simulation
Leadership
- Team Enablement & Mentorship
- Customer Advisory & Communication
- Executive Incident Briefing
- MSSP/XDR Strategy & Planning
Recent Highlights
- Built a scalable, AI-enhanced detection pipeline integrating open-source tools for endpoint and network telemetry analysis
- Led a compromise assessment for a healthcare provider, uncovering lateral movement and credential harvesting post-infection
- Developed a library of detections mapped to MITRE ATT&CK for cloud and endpoint visibility across customer environments
- Advised C-level executives during a live incident response engagement, bridging technical findings with strategic action plans
Latest Blog Posts
Security Automation vs. Security Theater: Building Programs That Actually Work
The security automation market will hit $39.65 billion by 2034. That’s a lot of money chasing a simple promise: machines handling the boring stuff so humans can focus on real threats.
But here’s the uncomfortable truth I’ve learned after 15 years of building security programs: most automation initiatives fail spectacularly. They burn through budgets, frustrate teams, and leave organizations less secure than when they started.
Professionalism in Cybersecurity: Leading with Integrity
Fifteen years navigating the waters of cybersecurity leadership, from scrappy startups to Fortune 500 companies, from government agencies to international startups, has identified one unshakeable truth: technical prowess opens doors, but professional integrity determines whether you construct something enduring or leave behind smoldering organizational wreckage.
I’ve witnessed brilliant security minds torpedo their trajectories through unprofessional conduct. Conversely, I’ve observed technically adequate practitioners ascend to industry prominence because they grasped cybersecurity’s fundamental reality. Trust. Accountability. Ethical stewardship.
Building Resilient Security Teams in Today’s Threat Landscape
Fifteen years of leading security teams across startups and enterprises has taught me one truth: exceptional security doesn’t come from the latest tools or biggest budgets. It comes from people who can think critically, adapt quickly, and translate complex risks into business language.
The landscape has shifted dramatically since I started building teams. Today’s security leaders face a perfect storm of challenges—3.5 million unfilled cybersecurity positions globally, budget constraints replacing talent scarcity as the primary hiring barrier, and AI fundamentally changing how we approach threat detection and response.