Matthew W.

Matthew W.

New Orleans, Louisiana, United States
1K followers 500+ connections

About

Matthew Wollenweber is a principal security engineer at Axonius. His work spans security…

Services

Articles by Matthew

  • Resolving the Alexa Top N

    The first CYA I recommend to filter/whitelist threat intel/block lists is the Alexa Top 10K. Alexa conveniently lists…

  • Investigating and Blocking IP Addresses

    I'm a strong advocate for blocking malicious IP addresses. Being a lazy netsec guy, I dislike cleaning up incidents…

  • Using Threat Intel to Find Compromised Google Accounts

    Threat Intelligence feeds are a great tool to identify potential security incidents. I'd much rather leverage someone…

  • Krebs' Cybersecurity Information (Over)Sharing Act?

    I really liked Brian Krebs' analysis. Information/threat sharing is a useful tool for most organizations.

    5 Comments

Activity

1K followers

See all activities

Experience

  • Anomali Graphic

    Anomali

    San Francisco Bay Area

  • -

  • -

    Washington, DC

  • -

  • -

  • -

  • -

Education

  • Loyola University Maryland Graphic

    Loyola University Maryland

    -

    -

    Activities and Societies: Upsilon Pi Epsilon, Linux User's Group, ACM, Math Club

  • -

    -

  • -

    - Present

Volunteer Experience

Projects

  • Watchman

  • LALookup

    Need to send a constituent to contact their Louisiana elected leader? LALookup utilizes browser location and election databases to make the process frictionless

  • Project Mayhem

    Project Mayhem is a comprehensive investigative operation exposing the illegal surveillance infrastructure in New Orleans, where Project NOLA—a private nonprofit founded by ex-NOPD officer Bryan Lagarde—runs America’s first known live facial recognition system across over 5,000 cameras in direct violation of the city’s 2022 surveillance ban. Through systematic public records requests, technical security analysis, and formal complaints to oversight bodies, Project Mayhem has documented how NOPD…

    Project Mayhem is a comprehensive investigative operation exposing the illegal surveillance infrastructure in New Orleans, where Project NOLA—a private nonprofit founded by ex-NOPD officer Bryan Lagarde—runs America’s first known live facial recognition system across over 5,000 cameras in direct violation of the city’s 2022 surveillance ban. Through systematic public records requests, technical security analysis, and formal complaints to oversight bodies, Project Mayhem has documented how NOPD circumvents constitutional protections by partnering with this unaccountable private spy network that sends real-time facial recognition alerts directly to officers’ phones, maintains a database of 30,000+ “suspected criminals” with zero oversight, and operates on banned Chinese Dahua software flagged for national security concerns. The investigation reveals catastrophic security failures including the default password “Temp1234” distributed via email, 44 publicly-accessible Google Drive folders containing surveillance footage, and shared accounts that make attribution impossible—transforming New Orleans into what privacy advocates call “the laboratory for mass surveillance experiments” that threaten to spread nationwide

    https://insomniac.tech/projectmayhem

  • gAudit Service

    -

    gAudit enables Gmail Domain administrators to easily audit and respond to suspicious activity within their Google domain. gAudit:
    -Alerts when users login from known malicious addresses
    -Enables searching login events by IP for hunting malicious actors
    -Identifies countries of origin logging into accounts
    -Alerts when IP logs into several accounts
    -Alerts when an account logs in from several countries in a short period
    -Alerts when an email forwarding address is used by…

    gAudit enables Gmail Domain administrators to easily audit and respond to suspicious activity within their Google domain. gAudit:
    -Alerts when users login from known malicious addresses
    -Enables searching login events by IP for hunting malicious actors
    -Identifies countries of origin logging into accounts
    -Alerts when IP logs into several accounts
    -Alerts when an account logs in from several countries in a short period
    -Alerts when an email forwarding address is used by several accounts
    -Collects and exports gmail content for ediscovery
    -Searches gDrive for exports outside the organization
    -Search gDrive for PII

    See project
  • Dragonslayer

    -

    Ancient ugly code to track compromised systems and ingest threat intel to correlate with Dragon IDS signatures that look for JARs, EXEs, PDFs, DOCs, etc.

    See project
  • netent

    -

    A bit of code to use a splaytree template to compute basic "netflow"(ish) stats.

    See project
  • SilkAlert

    -

    Code to find top traffic via a SiLK netflow collector, filter out known/safe top talkers, and send an email alert. Useful for detecting DDoS.

    See project

Recommendations received

View Matthew’s full profile

  • See who you know in common
  • Get introduced
  • Contact Matthew directly
Join to view full profile

Other similar profiles

Explore top content on LinkedIn

Find curated posts and insights for relevant topics all in one place.

View top content

Add new skills with these courses