About us

CyberSec Research publishes practical, reproducible articles on cybersecurity: defense (Blue Team), ethical offense (Red/Purple), DFIR, malware & reverse engineering, threat intelligence, cloud security/DevSecOps, privacy & compliance, applied cryptography, AI/LLM security, and adversarial ML. We value code-backed writing with sanitized data and verifiable results.

What we publish

• Topics: hardening & detection engineering (Sigma, YARA, Suricata), DFIR playbooks, memory/disk forensics, malware analysis, exploit development in controlled labs, cloud/K8s security, supply-chain security, CI/CD & SAST/DAST, IAM, Zero Trust, OT/ICS, mobile, threat intel (TTP/ATT&CK), privacy by design, ISO 27001/NIST/GDPR, AI security/adversarial ML, CTF write-ups with solutions.
• Audience: practitioners, SOC analysts, researchers, advanced students.
• Depth: hands-on guides, safe PoCs, figures and logs, checklists, and metrics (TP/FP, precision/recall, dwell time, MTTD/MTTR; for ML, MAE/CS@5, etc.).
• Reproducibility: public repo (or gist) + lab instructions (VM/container images, synthetic data).

What we don't publish

• Plagiarism, spam, link farms, or purely promotional content.
• Instructions enabling illegal activity on real systems.
• Unsanitized sensitive/PII data, proprietary dumps, secrets/API keys.
• Undisclosed zero-days or irresponsible exploit details.
• Undeclared or unchecked AI-generated text.

How to submit

1. On Medium: … → Add to publication → CyberSec Research.
2. Not a writer yet? Send your Medium profile + a 3–5 bullet outline to bruzzese.953247@studenti.uniroma1.it or message the editors on Medium.
3. When relevant, include a public GitHub repo (PoC, rules, scripts, redacted IoCs).
4. If your article involves vulnerabilities, describe your disclosure (vendor contacted, timeline, patch status).

Formatting

• Length: ~800–2,500 words (flexible).
• Structure: clear title; concise intro (problem/context); section headings; conclusions with takeaways and next steps.
• Figures: screenshots/diagrams with captions and alt text; blur/obfuscate hosts, users, and public IPs.
• Code: minimal, runnable snippets; provide requirements.txt/Dockerfile/compose.yaml when helpful.
• Citations: sources, CVEs, tools, datasets; respect licenses.
• Metrics: state setup (HW/OS), datasets (synthetic or link), parameters, and seed when applicable.

AI & originality

Submit original work. If you used AI tools (text or code), disclose how and fact-check outcomes. Authors are responsible for technical accuracy and legal compliance.

Editorial process

We may refine titles, headings, images, and micro-copy for clarity/SEO.

Typical response time: 3–7 days with acceptance, revision requests, or a reasoned decline.

Rights & republishing

Non-exclusive rights. You retain copyright.

If republishing elsewhere, link back to the original (use a canonical link when applicable).

Links & self-promotion

Lead with value. One or two relevant links (portfolio, repo, paper) are fine; avoid aggressive self-promo or referral/affiliate spam.

Ethics, privacy & security

• Test environments only: run PoCs exclusively in isolated labs (VMs/containers, closed networks, assets you own).
• Responsible disclosure: we won't publish exploitable details before a patch or beyond what defenders need. We may delay/limit technical detail when warranted.
• Data: use public/licensed or synthetic datasets; remove PII/identifiers; share IoCs redacted (e.g., truncated hashes, generalized IPs).
• Legal: comply with local laws and tool/service terms. No instructions to attack third-party systems.

Author checklist (before submitting)

• Public repo with README for reproducibility (steps, prerequisites, seeds/data).
• Sanitized screenshots/logs; no secrets included.
• Disclosure timeline & vendor status (if applicable).
• Correct licenses for code/data/figures.
• Metrics and limitations stated; suggest future work.

Contact

• Email: bruzzese.953247@studenti.uniroma1.it
• GitHub: github.com/robertobruzzese