Hi, I am Brent

Brent Eskridge

Cyber Threat Intelligence

I create unique solutions to interesting and difficult challenges, but create even better solutions when collaborating in a diverse team. I have experience collaborating on threat intelligence, interdisciplinary research projects, implementing solutions in software, communicating complex concepts to a wide variety of audiences, and mentoring others.

Experiences

Threat Intelligence Analyst
IronNet

September 2021 - June 2022, Virginia

Responsibilities:
  • Tracked both established and emerging APT actors and their TTPs using open source intelligence (OSINT). Monitored geopolitical developments to anticipate future threat actor actions and trends. Combined this information with data gathered through internal sensors to produce strategic, operational and tactical threat intelligence, including IoCs and TTPs mapped to MITRE ATT&CK. Areas of specialty included cybercrime, data analysis, and communicating technical concepts.
  • Co-led internal briefings to peer and CXO level audiences and external briefings to customers and partners. Participated in weekly CXO level planning sessions for threat intelligence update reports sent to customer CEOs.
  • Collaborated with proactive threat engineers to produce actionable intelligence from large sensor datasets detailing threat actor command and control (C2) servers using Cobalt Strike and other frameworks.
  • Collaborated with network threat hunters to: identify potential threats and attack vectors; track threat actor actions using PCAPs, netflow, and metadata; and create after action reports and articles.
  • Led the creation of IronNet’s first annual threat report with responsibilities that included: identifying and organizing content, analyzing data and creating visualizations, coordinating with graphic designers, and creating content. The report resulted in IronNet’s largest media engagements to date.
  • Authored articles and infographics discussing technical details of observed cyber attacks and high-level trends in cybersecurity. Topics covered included: Log4j, Cobalt Strike, and critical infrastructure. The articles were in the top 10 most read IronNet publications to date.
  • Developed Python scripts to automate: the extraction, analysis, and visualization of threat intelligence; the import and export of research data between platforms; and the generation of weekly threat reports to customers.

Professor & Dept. Chair, Dept. of Computer Science and Network Engineering
Southern Nazarene University

August 2004 - May 2022, Oklahoma

Responsibilities:
  • Proposed, secured, and managed three interdisciplinary, multi-institution research projects that applied collective movement principles found in nature to teams of autonomous agents. Projects had funding in excess of $380,000 and consisted of two National Science Foundation (NSF) research grants and a sabbatical at the Max Planck Department of Collective Behaviour in Konstanz, Germany.
  • Led six different research projects with responsibilities including: defining the research questions, roadmap, and milestones; designing and performing experiments; and creating the data analysis process. As a result of these projects, 10 research assistants were mentored, 17 peer-reviewed research papers were published, and over 25 conference papers were presented across North America and Europe.
  • Designed, implemented, and maintained software for eight different research projects using concepts that include neural networks, reinforcement learning, fuzzy logic, autonomous agents, and multi-agent systems. Software used technologies such as Python, Java, R, Bash scripts, Ant, YAML, and GitHub.
  • Mentored, advised, and taught students in the Cybersecurity, Computer Science, Software Development, and Network Engineering programs, with over 90% of graduates successfully employed in their field.
  • Designed, taught, and assessed over 20 different Computer Science courses, consisting of over 150 different course sections. Courses were taught using face-to-face, remote, and hybrid modalities and covered topics including: software development, operating system concepts, computer architecture, Linux, algorithms, data structures, database systems, and ethics in technology.
  • Performed static and dynamic code analysis on student projects to assist in debugging and ensure requirements compliance. Languages included Python, Java, C/C++, MIPS assembly, Bash, and SQL.
  • Led the Computer Science and Network Engineering department and its five different degree programs for eight years with as many as 10 adjunct and full-time faculty and 50 enrolled majors in a semester. Responsible for recruiting adjunct faculty, managing the departmental budget, scheduling all courses, coordinating with other departments and administration, and leading the quadrennial assessment for all departmental programs and courses.
  • Elected three times to the Faculty Senate by peer faculty. Served twice on the university committee responsible for faculty rank advancement (i.e., promotion), once as co-chair with the provost. Served in various other capacities including: NASA Space Grant Committee (2009-Present), Technology Advisory Committee (2013-2019), and Faculty Representative to the Board of Trustees (2017-2018).

Software Consultant & Co-owner
els Solutions, LLC

March 2000 - July 2003, Oklahoma

Responsibilities:
  • Co-architected an object-oriented Java web application running on Linux which interfaced with a multi-valued (non-SQL) database residing on a Unix mainframe.
  • Designed, implemented and tested the application’s storage subsystem using Java, JDBC, and MySQL.
  • Collaborated with co-owners in making day-to-day business decisions, including project proposal and planning, budgeting, and customer negotiation. Led company networking and marketing efforts.

E-Application Developer
The Netplex Group

January 2000 - July 2001, Oklahoma

Responsibilities:
  • Co-architected and implemented an object-oriented framework for a university web portal using Java and DB2.
  • Mentored other developers as they learned the framework and the design patterns it employed.

Software Engineer II
Raytheon Systems Company

June 1997 - January 2000, Texas

Responsibilities:
  • Designed and implemented a Solaris (Unix) network server, with a custom message format and logging subsystem, in C++ that communicated with programmable logic controller (PLC) machinery.
  • Initiated, designed, and implemented a GUI tool in Perl/Tk that simplified QA testing of software-based device simulators. Due to its success, a second version was developed for use in subsequent projects.
  • Represented the software team for six months in initial offsite integration efforts with a subcontractor. This included troubleshooting network communications at the packet level, determining specification compliance, and serving as the software point-of-contact for the subcontractor.
  • Earned and maintained a security clearance (currently inactive).

Relevant Personal Experiences

  • Developed and taught an online Introduction to Linux course for TCM Security.
  • Operate a home cybersecurity learning lab using tools including: Kali Linux, pfSense, FLARE VM, REMnux, Trace Labs OSINT, ThreatPursuit VM, Linux Mint, and CentOS.
  • Completed numerous TryHackMe and RangeForce training rooms, including topics such as: VirusTotal, Splunk, Yara Rules, Suricata, Wireshark, PCAP analysis, OSINT, Malware Analysis, and Ghidra.
  • Implemented and ran machine learning experiments on the supercomputing cluster at the University of Oklahoma, totaling over 415,000 core hours (47 core years) of processing time.
  • Developed tools using Python, Bash, Perl, R, and regular expressions to automatically parse, process, and analyze large experimental data sets, including automatic generation of statistics and visualizations.

Projects

Education

M.S. in Computer Science
Thesis
Imitating Success in Genetic Programming with Memetic Crossover
B.S. in Physics and Mathematics

Certifications and Training

eLearnSecurity Junior Penetration Tester (eJPT)
eLearnSecurity June 2021

The eLearnSecurity Junior Penetration Tester (eJPT) is a 100% practical certification on penetration testing and information security essentials. By passing the exam, a cyber security professional proves to employers they are ready for a rewarding new career.

CompTIA Security+
CompTIA May 2021

CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.

TryHackMe Top 0.5%
TryHackMe July 2021

TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers, incorporating guides and challenges to cater for different learning styles.

I have completed four learning paths, over 120 rooms, and earned 16 badges.

Network Forensics and Incident Response
Antisyphon May 2022

This course uses an assortment of network data acquisition tools and techniques with a focus on open-source, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints, this course explores nearly every phase of an attacker’s methodology.

Foundations of Operationalizing MITRE ATT&CK
AttackIQ July 2021

This training session introduces students to the basics of the MITRE ATT&CK Framework. Topics include the history and evolution of MITRE ATT&CK, why organizations are adopting it, and how an organization can use MITRE ATT&CK to make its security program more efficient and effective. The class will also cover the tools and resources available for supplementing MITRE ATT&CK testing, including ATT&CK Navigator and MITRE CAR.

SOC Analyst 1 Elite
RangeForce June 2021

The SOC Analyst 1 Battle Path enables cybersecurity professionals and students to gain live-environment experience with the foundational concepts and practices of a security operations center (SOC). Whether it’s understanding event logs, visualizing data, or conducting malware analysis, this curriculum is designed to get you SOC-ready. Work through a series of hands-on modules and related challenges to complete this path.

SOC Analyst 2
RangeForce June 2021

The SOC Analyst 2 Battle Path is a great resource for entry-level analysts looking to take their career to the next level. In this path, you’ll work through hands-on modules to develop robust skills, including more sophisticated search capabilities, utilizing APIs and SIEMs to automate repetitive tasks, and incorporating the right tools into incident response. During our course challenges, you’ll demonstrate the resilience you bring to teams by applying your skills to incident response.

Reverse Engineering Professional
INE July 2021

The Reverse Engineering Professional Learning Path will teach you several methods to identify, isolate, and finally, analyze portions of code which are of high interest, as well as the most common Windows APIs utilized for file, memory, and registry manipulation by either software protections (such as packers) or malware. During the learning process, you will also get insights into the most common anti-reversing tricks, including different code obfuscation methods, and how to bypass them.

Malware Analysis Professional
INE July 2021

The Malware Analysis Professional Learning Path provides a holistic approach to reverse engineering and analyzing all aspects of malware. During the learning process, you will come across realistic and even real-world malware such as ransomware, botnets, and rats, against which you will perform reverse engineering, static analysis, and dynamic analysis activities.

Penetration Testing Student
INE May 2021

The Penetration Testing Student Learning Path covers prerequisite topics introducing you to information security, programming, and pentesting.

Active Defense & Cyber Deception

In this class, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly, you will find out how to do the above legally.

Getting Started in Security with BHIS and MITRE ATT&CK

This 16-hour information security training class is designed for people who are new to computer security. We will cover the core fundamentals with lots of hands-on labs demonstrating the attacks and defenses every security professional must know to be successful.

Cyber Threat Hunting

This course provides an introduction to threat hunting at the network level. It includes a combination of video lecture and hands-on labs.

Volunteer Experience

Teacher

Developed and led a free 13-week YouTube series introducing Python to non-programmers.

Reviewer

Served as a peer reviewer for 3 research journals and 5 research conferences and as a grant proposal reviewer for the National Science Foundation.

Mentor

Mentored Bethany High School and Elementary robotics teams from 2015 to 2019.

Trainer

Led ethics training for SNU NASA Space Grant Summer Research students in 2013-2018 and 2021.

Host

Hosted a regional site for the International Collegiate Programming Contest (ICPC) in collaboration with the University of Oklahoma in 2016, 2018, and 2019.

Publications

Journal Articles

  • Brent E. Eskridge, Elizabeth Valle, and Ingo Schlupp. "Emergence of Leadership within a Homogeneous Group." PLoS One, Volume 10, Number 7, pages e0134222, 2015. [Paper]
  • Brent E. Eskridge and Dean F. Hougen. "Extending Adaptive Fuzzy Behavior Hierarchies to Multiple Levels of Composite Behaviors." Robotics and Autonomous Systems, Volume 58, pages 1076-1084, 2010. [Abstract]
  • Brent E. Eskridge and Dwight Neuenschwander. "A Pedagogical Model of Primordial Helium Synthesis." American Journal of Physics. Volume 64, Issue 12, pages 1517-1524, 1996. [Abstract]

Book Chapters

  • Brent E. Eskridge and Dean F. Hougen. "Using State and Action Abstraction in Controllers for Concurrent, Interfering, Non-episodic Tasks." In Autonomous Agents, I-Tech Education and Publishing, 2010. [Book Chapter]

Refereed Conferences

  • Brent E. Eskridge, and Ingo Schlupp. "Effects of Local Communication and Spatial Position in a Collective Decision-Making Model." In European Conference on Artificial Life (ECAL), pages 154-161, 2017. [Paper] [Presentation]
  • Brent E. Eskridge, and Ingo Schlupp. "Effects of Personality Distribution on Collective Behavior." In International Conference on the Simulation and Synthesis of Living Things (ALife), pages 908-915, 2014. [Paper]
  • Jeremy Acre, Brent E. Eskridge, Nicholas Zoller, and Ingo Schlupp. "Adapting to a Changing Environment Using Winner and Loser Effects." In Genetic and Evolutionary Computation Conference, pages 137-144, 2014. [Abstract] [Presentation]
  • Tim Solum, Brent E. Eskridge, and Ingo Schlupp. "Consensus Costs and Conflict in a Collective Movement." In Genetic and Evolutionary Computation Conference, pages 49-56, 2014. [Abstract] [Presentation]
  • Brent E. Eskridge and Dean F. Hougen. "Nurturing Promotes the Evolution of Learning in Uncertain Environments." In Joint IEEE International Conference on Development and Learning and on Epigenetic Robotics, pages 1-6, 2012. [Abstract]
  • Mark Woehrer, Dean F. Hougen, Ingo Schlupp, and Brent E. Eskridge. "Robot-to-robot Nurturing: A Call to the Research Community." In Joint IEEE International Conference on Development and Learning and on Epigenetic Robotics, pages 1-2, 2012. [Abstract]
  • Brent E. Eskridge. "Effects of Local Communication and Topology on Collective Movement Initiation." In International Conference on the Simulation and Synthesis of Living Things (ALife), pages 155-162, 2012. [Paper]
  • Brent E. Eskridge. "Evolving a Follower in the Presence of a Potential Leader." In International Conference on the Simulation and Synthesis of Living Things (ALife), pages 163-170, 2012. [Paper]
  • Brent E. Eskridge. "Extrapolation of Regularity Using Indirect Encodings." In IEEE Congress on Evolutionary Computation, pages 1280-1287, 2011. [Abstract]
  • John Crofford, Brent E. Eskridge and Dean F. Hougen. "Applying the Triple Parameter Hypothesis to Maintenance Scheduling." In Genetic and Evolutionary Computation Conference, pages 799-806, 2010. [Abstract] [Poster]
  • Brent E. Eskridge and Dean F. Hougen. "Using Action Abstraction to Evolve Effective Controllers." In Genetic and Evolutionary Computation Conference, pages 1773-1774, 2009. [Abstract] [Poster]
  • Nathaniel P. Troutman, Brent E. Eskridge, and Dean F. Hougen. "Is 'Best-So-Far' a Good Algorithmic Performance Metric?" In Genetic and Evolutionary Computation Conference, pages 1147-1148, 2008. [Abstract]
  • Brent E. Eskridge and Dean F. Hougen. "Using Priorities to Simplify Behavior Coordination." The International Joint Conference on Autonomous Agents and Multiagent Systems, pages 1334-1336, 2007. [Abstract] [Poster]
  • Brent E. Eskridge and Dean F. Hougen. "Prioritizing Fuzzy Behaviors in Multi-robot Pursuit Teams." Proceedings of the IEEE Conference on Fuzzy Systems, pages 6039-6045, 2006. [Abstract]
  • Brent E. Eskridge and Dean F. Hougen. "An Analysis of Memetic Crossover's Impact on a Population." IEEE Congress on Evolutionary Computation, pages 6844-6850, 2006. [Abstract]
  • Brent E. Eskridge and Dean F. Hougen. "Memetic Crossover for Genetic Programming: Evolution through Imitation." Genetic and Evolutionary Computation Conference, pages 809-815, 2004. [Abstract]
  • Brent E. Eskridge and Dean F. Hougen. "Imitating Success: Memetic Crossover for Genetic Programming." Congress on Evolutionary Computation, pages 459-470, 2004. [Abstract]

Other Publications and Presentations

  • Jeremy Acre, Brent E. Eskridge, and Nicholas Zoller. "Effects of Personality Decay on Collective Movements." In Student Workshop, Genetic and Evolutionary Computation Conference, 2014. (Presentation and Poster).
  • Tim Solum, Brent E. Eskridge, and Ingo Schlupp. "Consensus Costs and Conflict in Robot Swarms." In Student Workshop, Genetic and Evolutionary Computation Conference, 2014. (Presentation and Poster).
  • Brent E. Eskridge, Elizabeth Valle, and Ingo Schlupp. "Using Experience To Promote The Emergence Of Leaders And Followers." European Conference on Complex Systems, 2013. [Extended Abstract] [Poster]
  • Brent E. Eskridge, Elizabeth Valle, and Ingo Schlupp. "Bystander Effects In A Single-Player, Anonymous Contest." European Conference on Complex Systems, 2013. [Extended Abstract] [Poster]
  • Brent E. Eskridge, Blake Jordan, and Ingo Schlupp. "Effects of Conflict on Collective Movement Decision-Making." European Conference on Complex Systems, 2013. [Extended Abstract] [Presentation]
  • Brent E. Eskridge. "Effective (ab)use of HPC with Non-parallelized Software." Oklahoma Supercomputing Symposium, Norman, OK, October 2010. (Invited speaker). [Link]
  • Brent E. Eskridge and Dean F. Hougen. "Extending Adaptive Fuzzy Behavior Hierarchies to Multiple Levels." Technical Report TR-OU-REAL-09-001, Department of Computer Science, University of Oklahoma. 2009.
  • Nathaniel Troutman, Brent E. Eskridge, and Dean F. Hougen. "Evolving Artificial Neural Networks with Genetic Algorithms to Play Tic-Tac-Toe." Oklahoma Research Day, April 2007. (Abstract and Poster).
  • Brent E. Eskridge. "Prioritizing Fuzzy Behavior Hierarchies to Improve Behavior Coordination." Doctoral Mentoring Program, The International Joint Conference on Autonomous Agents and Multiagent Systems, pages 6-7, May 2007. (Refereed).
  • Brent E. Eskridge and Dean F. Hougen. "Prioritizing Behaviors in a Fuzzy Behavior Hierarchy." Second Annual Computer Science Research Conference, University of Oklahoma Computer Science Graduate Student Association, April 2006. (Refereed, Honorable Mention Award).
  • Dean F. Hougen, Pedro A. Diaz-Gomez, Brent E. Eskridge. "Evolutionary Computation." Research Experiences for Undergraduates Site on Embedded Machine Learning Systems, Seminar, July 19, 2005.

Web Articles and Other Content

  • Michael Leardi, Joey Fitzpatrick, and Brent Eskridge, PhD. "Tracking Cobalt Strike Servers Used in Cyberattacks on Ukraine." IronNet Threat Research blog. [Article]
  • Morgan Demboski and Brent Eskridge, PhD. "Cyber Attacks on the Power Grid." IronNet Threat Research blog. [Article and infographic]
  • Morgan Demboski and Brent Eskridge, PhD. "APJ Threat Intelligence Update." IronNet Threat Research webinar. [On-demand video]
  • Brent Eskridge, PhD and Morgan Demboski. "Crowdsourcing cyber chaos." IronNet Threat Research blog. [Article]
  • Brent Eskridge, PhD. "Caught in the Cyber Blast Radius." IronNet Threat Research blog. [Article]
  • Peter Rydzynski, Michael Leardi, Brent Eskridge, PhD. "Detecting anomalous network traffic resulting from a successful Log4j attack." IronNet Threat Research blog. [Article]
  • Brent Eskridge, PhD and Michael Leardi. "Anatomy of a Log4j attack." IronNet Threat Research blog. [Article]
  • Peter Rydzynski and Brent Eskridge, PhD. "Log4j: new software supply chain vulnerability unfolding as this holiday’s cyber nightmare." IronNet Threat Research blog. [Article]
  • Brent Eskridge, PhD (editor). "Annual Threat Report 2021." IronNet Threat Research report. [Report]

Unpublished Presentations

  • Brent E. Eskridge. "Adventures in Computational Collective Behavior." Division of Science and Math Research Presentation Series, October 4, 2019. [Presentation]
  • Brent E. Eskridge and Ingo Schlupp. "Fission-fusion Multi-robot Systems." Division of Science and Math Research Presentation Series, October 7, 2019. [Presentation]
  • Brent E. Eskridge. "Effects of Local Communication and Topology on Collective Movement Initiation." Division of Science and Math Research Presentation Series, October 26, 2012.
  • Brent E. Eskridge. "Understanding Leadership in Robots by Understanding Leadership in Nature." Division of Science and Math Research Presentation Series, October 3, 2011.
  • Brent E. Eskridge. "Fuzzy Logic." PHIL-4193 Seminar in Philosophy: Logic, Southern Nazarene University, May 6, 2011. (Guest speaker).
  • Brent E. Eskridge. "What is Artificial Intelligence?." NS-3043 Science, Technology, and Society Course, Southern Nazarene University, October 27, 2009 and March 30, 2010. (Guest speaker).