AUTHOR

Drew Schmitt

Practice Lead, GRIT,
GuidePoint Security

Drew Schmitt is the Practice Lead for the GuidePoint Research and Intelligence Team (GRIT), where he engages in malware reverse engineering, threat intelligence development, and incident response investigations on behalf of the firm’s clients. His career background includes cybersecurity operations for several clients over various verticals.

Drew joined the GuidePoint team from Palo Alto Networks/The Crypsis Group, where he was a Senior DFIR Consultant and a member of the Threat Intelligence team, specializing in malware analysis, threat hunting, and DFIR investigations. Prior to that, Drew spent time working as an incident responder, SOC analyst, and IT administrator across several industries, including healthcare and manufacturing.

In addition to various roles in the security community, Drew has experience as an adjunct professor teaching cybersecurity courses at Metropolitan State University in St. Paul, MN, has acted as a mentor for the Metro State CCDC team, and has created a PowerShell-based open source incident response framework called Power-Response.

Drew holds a Master of Science degree in Security Technologies from the University of Minnesota, a Graduate Certificate in Incident Response from the SANS Technology Institute, and has obtained several GIAC certifications.

Articles from Drew Schmitt

  • Threat Advisory
BianLian GOs for PowerShell After TeamCity Exploitation
Posted by: Drew Schmitt
9 min read
  • Blog
The Value of Engaging a Threat Actor: Leveraging Strategic Communications for Ransomware Response
Posted by: Drew Schmitt
13 min read
  • Blog
The Next Step: The GRIT Threat Feed is here
Posted by: Drew Schmitt
2 min read
  • GRIT Blog
GRIT Ransomware Report: January 2023
Posted by: Drew Schmitt
Published 02/16/23, 06:00am
6 min read
  • GRIT Blog
GRIT Ransomware Report: August 2022
Posted by: Drew Schmitt
Published 09/15/22, 09:00am
5 min read
  • GRIT Blog
GRIT Ransomware Report Spotlight: Government
Posted by: Drew Schmitt
Published 06/23/22, 11:36am
3 min read
  • GRIT Blog
GRIT Ransomware Report Spotlight: Healthcare
Posted by: Drew Schmitt
Published 06/21/22, 12:37pm
3 min read
  • GRIT Blog
GRIT Ransomware Report: May 2022
Posted by: Drew Schmitt
Published 06/09/22, 08:00am
5 min read
  • GRIT Blog
How to Peel a PowerShell Onion: A Bloodhound Case Study
Posted by: Drew Schmitt
Published 05/02/22, 01:32pm
10 min read
  • GRIT Blog
Threat Brief: Lapsus$
Posted by: Drew Schmitt
Published 03/30/22, 09:00am
5 min read
  • GRIT Blog
Using Hindsight to Close a Cuba Cold Case
Posted by: Drew Schmitt
Published 02/08/22, 09:23am
4 min read
  • GRIT Blog
A Ransomware Near Miss: ProxyShell, a RAT, and Cobalt Strike
Posted by: Drew Schmitt
Published 09/21/21, 09:00am
6 min read