Understanding Memory Forensics with Volatility 3
A practical guide to analyzing Windows memory dumps using Volatility 3 for incident responders and forensic analysts.
Senior Cybersecurity Incident Responder
Senior cybersecurity professional with 12+ years of experience in banking and enterprise environments, specialized in incident response, digital forensics, threat hunting, and blue/purple team operations. Founder and organizer of BSides Costa Rica.

Areas of deep expertise and impact.
Lead enterprise IR engagements including endpoint and memory forensics, containment, eradication, and recovery for complex security incidents at Experian.
Proactive threat hunting, investigation, and forensic analysis across enterprise environments. Improved detection and response processes within SOC operations.
Build and operate security monitoring programs combining defensive operations with simulated attack testing. OSCP and CRTO certified with both offensive and defensive perspectives.
Leverage machine learning for behavioral anomaly detection and predictive threat intelligence. CCSK v5 certified. AI Engineering Bootcamp graduate.
Cybersecurity articles and technical writeups.
How modern SOC teams are using large language models and machine learning to automate alert triage, threat hunting, and incident reporting.
Auto-aggregated from trusted sources.
CISA has added CVE-2026-0001 to its Known Exploited Vulnerabilities Catalog. The vulnerability in PAN-OS allows unauthenticated remote code execution and is being actively exploited in the wild.
A new ransomware operation dubbed 'DarkVault' has been observed targeting healthcare organizations with a double-extortion model, threatening to leak patient data unless ransom demands are met.
Microsoft has released an emergency patch for a critical vulnerability in Azure Active Directory that could allow attackers to forge authentication tokens and gain unauthorized access to cloud resources.
Google Project Zero researchers have disclosed a zero-day vulnerability in the Chrome V8 JavaScript engine that was exploited in targeted attacks. The flaw allows arbitrary code execution through crafted web pages.
NIST has published SP 800-207 Rev. 2, providing updated guidance on implementing zero trust architectures in federal information systems, with new sections on AI-driven access control and continuous verification.
CrowdStrike's latest threat intelligence report reveals a 300% increase in AI-generated phishing campaigns that use large language models to craft highly convincing social engineering attacks at scale.