Dive into Sigma Correlation Rules - And go hunting for Cicada3301 ransomware behaviors in the process (Sep 9)
It's Always DarkGate Before the Dawn - Detecting DarkGate, an Emerging Malware Threat (Oct 16, 2023)
Button-Pusher to MasterBuilder: Automating SIEM Workflows - Build Confidence and Skill in SIEM Automation (May 26, 2023)
Detecting OneNote (.One) Malware Delivery - I opened a dozen malicious OneNote files and clicked on every link so you don't have to (Jan 31, 2023)
Finding the Gap: How Curiosity and Creativity Drive Threat Detection - Let the Real World be your Lab with Mitre ATT&CK, Atomic Red Team, and Sigma (Dec 13, 2022)
Catching a Wev(tutil): Threat Detection for the Rest of Us - My detection engineering process in a nutshell (Nov 23, 2022)