Roman Romanenco – Medium

Roman Romanenco

Roman Romanenco

6-Step Blueprint for a Winning Product Strategy

In the bustling alleys of the business world, a product strategy is akin to a GPS, guiding a product’s development and launch with finesse…

3 min readSep 6, 2023

--

6-Step Blueprint for a Winning Product Strategy

--

Roman Romanenco

5 Insider Threats Your Company is Overlooking

3 min readSep 5, 2023

--

5 Insider Threats Your Company is Overlooking

--

Roman Romanenco

How I automate authenticated API security testing

This is a short & simple post about automating the dynamic application security testing (DAST) of a service API. Usually performed as part…

2 min readOct 26, 2022

--

How I automate authenticated API security testing

--

Roman Romanenco
in
Coinmonks

Register and prosper with Web3 domains

Web3 has been on fire this past year, we’re witnessing an emerging sector of innovation in its infancy. Similar to the rise of Web2…

4 min readMay 1, 2022

--

Register and prosper with Web3 domains

--

Roman Romanenco
in
CodeX

Common ransomware delivery and cost effective proactive defense

We as security practitioners often remind others, good cyber hygiene and best practices in security controls will go a long way in…

6 min readApr 27, 2022

--

Common ransomware delivery and cost effective proactive defense

--

Roman Romanenco
in
CodeX

Deconstructing the ransomware kill chain

By design ransomware is a relatively “noisy” form of malware and its kill chain presents multiple opportunities for network defenders to…

4 min readApr 6, 2022

--

Deconstructing the ransomware kill chain

--

Roman Romanenco

CISSP: Mile Long, Inch Deep…

Back in 2017 I sat and passed my CISSP exam, it was my first year practicing cyber security. At some point in my early career I decided…

3 min readMar 24, 2022

--

CISSP: Mile Long, Inch Deep…

--

Roman Romanenco

Tunnel traffic through jump host

Tunnel traffic through a compromised jump host to reach otherwise unreachable internal networks or hosts (pivot).

2 min readJan 18, 2021

--

Tunnel traffic through jump host

--

Roman Romanenco

Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020–9484)

a niche condition to trigger remote code execution via deserialization on Apache Tomcat

3 min readNov 11, 2020

--

Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020–9484)

--

Roman Romanenco

HTB Buff — [writeup]

Buff is a Windows machine rated as “Easy” on HackTheBox weighed toward CVEs. Webshells, file transfers and SSH tunnel port forwarding.

3 min readAug 31, 2020

--

HTB Buff — [writeup]

--

Roman Romanenco

Roman Romanenco

Sometimes I write about my interests in the professional world. Topics span cybersecurity and ethical hacking, product management, and web3.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams