Detection Engineer

Shane Welcher

Shane has a wide range of security experience: data analysis, forensics, debugging malware, penetration testing, and network and system administration. He is passionate about open source projects and was the highest community contributor to the Atomic Red Team GitHub project before joining Red Canary. In his free time, Shane enjoys studying different approaches to exploiting networks and applications, assisting others with open-source SIEM solutions, and traveling.
What is normal? Profiling System32 binaries to detect DLL Search Order Hijacking
Detecting attacks leveraging the .NET Framework
Advanced persistence threats: to be a cybercriminal, think like a sysadmin
MITRE ATT&CK Deep Dive: Persistence