Michael is a Malware Archaeologist, Blue Team defender, Incident Responder and logoholic for NCC Group. Michael developed several Windows logging cheat sheets to help the security industry understand Windows logging, where to start and what to look for. Michael presents at many security and technology conferences helping to educate on security that attendees can go back to work and actually do. Michael is a primary contributor to the Open Source project ARTHIR. Michael is also co-developer of LOG-MD, a free and premium tool that audits the settings, harvests and reports on malicious Windows log data and malicious system artifacts. Michael is co-host of “THE Incident Response Podcast”. In addition Michael also ran BSides Texas entity (Austin, San Antonio, Dallas and Houston) for six years and lead for the Austin Conference.