Adversarial Intelligence is a publication about security work, told from the perspective of people who have spent their careers on the offensive side of it.

The content here is broad on purpose. Stories from operations, including the ones that did not go well. Opinion pieces on how security programs actually succeed or fail. Observations on AI and what it means for the work, on both sides. Reflections on leadership, on consulting, on the consulting-side judgment calls that shape whether technical work produces value. Some of it will be deeply technical. Most of it will not be. We are not writing research papers or white papers. There is plenty of that already, and the community that publishes it is healthy. What is harder to find is honest writing about everything around the technical work. The conversations with clients before, during, and after. The institutional dynamics. The cultural conditions that determine whether the work produces value or produces a fight. The view from inside an op, told from people who have been there.

The thread underneath it all is the offensive security perspective. We come at security from the angle of people who have spent years trying to break in, on the operational side of red teams and assessments, in both government and private sector contexts. That perspective shapes how we think about defense. It shapes how we think about AI. It shapes how we think about leadership, about consulting, about every other piece of the security puzzle that the writing touches.

The cadence will be regular. The voice will be honest. The work continues.

Alexander

I served in the Marines for roughly 14 years, finishing my time as Chief of the Marine Corps Red Team before leaving because I enjoyed red teaming more and my body was falling apart. After leaving the Marines, I joined SpecterOps as a consultant, was promoted to senior consultant, and then to managing consultant, where I have spent the last three years doing offensive security work for the private sector.

During my time my time at SpecterOps I was the course architect for Adversary Tactics: Red Team Operations. I am no longer in that role since leaving, but the work that went into the course shaped how I think about teaching this material, and it shows up in how I write about it here. I have taught at Black Hat in both the United States and Europe.

On this site, I write about the years on the Marine Corps Red Team, the lessons that came out of them, and how I have applied those lessons since at SpecterOps. Some of it is stories from inside the work. Some of it is opinions on the patterns I have seen play out across both government and private sector engagements. All of it is trying to share the consulting-side knowledge that does not get shared often enough.

Max

I began my career in the United States Air Force as a Cyber Effects Officer focused on defensive operations, serving as a planner and operator on Cyber National Mission Force’s inaugural Hunt Forward mission in 2018.

After leaving the military, I joined CrowdStrike’s Falcon Complete team, where I worked incident response and threat remediation across a wide range of organizations. While helping defenders respond to active threats, I became interested in understanding how those threats were developed and executed, ultimately leading me to transition into offensive security on CrowdStrike’s red team.

I later joined SpecterOps as an Adversary Simulation Consultant, where my research interests shifted toward the intersection of artificial intelligence, traditional networks, and their security implications. There, I assessed frontier AI systems, explored agentic architectures, and developed a deeper understanding of the technical foundations underlying modern AI systems.

Today, my research focuses on how intelligent systems fail. I am particularly interested in runtime influence, behavioral integrity, and what happens when context begins shaping execution. As autonomous AI systems become increasingly integrated into critical workflows, I hope to contribute meaningful insights and practical frameworks that help organizations safely adopt and secure these emerging technologies.

Pete

I have spent my whole career finding the ways systems fail. I started in QA engineering at Activision, testing AAA titles like Call of Duty, Tony Hawk’s Pro Skater, and Spider-Man, where the entire job was breaking software before players ever could. From there I joined the Marine Corps, serving as a 2651 in the Signals Intelligence field, and then moved into red teaming with the Marine Corps Red Team. After the Corps I moved to the private sector as a Security Advocate at SpecterOps, where I helped people achieve positive security outcomes through the smart application of security concepts and program development.

During my time on the Marine Corps Red Team, and into the work that followed, I was able to contribute to one of the longest running APT simulations in the history of the organization, inside the Marine Corps and out. I am no longer in that role, but the work and knowledge gained informed every aspect of I advise clients, both in the offensive and defensive space, and shaped how I think about this material, and it shows up in how I write about it here.

On this site, I share my insights and opinions that I have over a long career of helping orgs navigate their security challenges. Some of it is stories from inside the work, on the Marine Corps Red Team and across private sector engagements. Some of it is opinions on the patterns I have watched play out in government and industry alike. All of it is an attempt to share the operator-side knowledge that does not get passed along often enough. Helping others is my passion and I dedicate myself to the growth and success of others.

Rebecca

I started my career in the Marine Corps as a Tactical Network Administrator, where I spent five years building, maintaining, and securing small some of our Nation’s most critical information networks. After the Corps, I joined Northrop Grumman conducting incident response for the Marine Corps Enterprise Network, which let me keep supporting the mission from the defensive side. From there I moved into red teaming with the Marine Corps Red Team and later transitioned to the private sector as an Adversary Simulation Consultant at SpecterOps.

Across these roles, I also taught courses for Red Team Operations professionals and Intrusion Detection specialists. The work that went into those courses shaped how I think about this material, and it shows up in how I write about it here. On this site, I write from a path that ran through every side of the network: building it, defending it, attacking it, and then fortifying its defenses. Some of it is stories from incident response and red team operations. Some of it is what defending a network first taught me about breaking one. All of it is an attempt to share the operator-side knowledge that does not get passed along often enough.

Should You Listen to Us?

That part is up to you.

The credentials are the credentials. Between the four of us, we have spent careers on the defensive and offensive sides of the security field, in government and in the private sector, across operations and training and consulting and research. We have defended enterprises, run red teams, sat in outbriefs with senior leaders, written the reports that ended up in folders, written the reports that changed how organizations work, watched programs succeed, and watched programs fail. We have seen the same patterns play out across very different environments. We have the scars and the receipts.

None of that tells you we are right about any specific thing.

What the credentials actually qualify us to do is share what we have seen and what we think it means, in honest form, without dressing it up as truth that is not up for debate. The writing on this site is opinion and experience. It is what we believe, based on what we have lived. We are wrong about some of it. We will figure out which parts later, like everyone else does.

You should read the writing because the writing is useful, or skip it because it is not. Either is fine. The four of us write because we have things to say that we think other people in this work might benefit from hearing. The benefit is the point. The credentials are how we got the perspectives we are sharing. They are not why you should agree with us. Decide for yourself.

What This Site Is Not

It is not a how-to guide for running operations. The technical conversation in this field is robust, well-documented, and easy to find. This is not where you should come for tooling tutorials, exploitation walkthroughs, or step-by-step procedures.

It is not a critique of any specific institution. We are hard on the institutions we have served in and the organizations we have worked with, where being hard is honest. We are also fair. The point is the patterns, not the names.

It is not a polished corporate publication. We write in our own voices, including the parts that are warmer than a formal report and the parts that are sharper. If something here reads like a person wrote it, that is by design. Some of the most valuable security insights and conversations happen in the moment, and we are capturing those moments here.

Contact

If you want to reach us about the writing, the site, or the work, the best path is through the contact form. We read what comes in. We do not always respond quickly, but we respond when we can.

If you work in security in any capacity, or are responsible for the people who do, you are exactly the audience this site is built for. Read around, find the pieces that resonate, and come back when the next one drops. The work continues.