Skip to content


My name is Mike Pilkington. I do IT security work. Over 20+ years, I've worked in many roles in IT and IT security. Currently I work full-time for The SANS Institute in an R&D capacity for the SANS DFIR team. In addition, I also teach the Forensics 500 and 508 classes for SANS.

In the past, I've written numerous research articles for the SANS DFIR Blog. I will continue to do that from time to time, although admittedly it has been a while. This site is designed for shorter supplemental write-ups. My thought is that I need to get back in the habit of sharing, but not always in full-blown, detailed articles. So here I will write shorter pieces that basically serve as cleaned up notes from some of my research activities.

The first article is on the use of MkDocs, which is used to build this site. Although I think MkDocs is awesome, one of the few drawbacks is that it's not a complete blogging platform that supports comments. So if you have any questions, comments, or corrections, please reach out to me via external methods such as Twitter or LinkedIn.