Dive into Sigma Correlation Rules
And go hunting for Cicada3301 ransomware behaviors in the process
Sep 9, 2024

It's Always DarkGate Before the Dawn
Detecting DarkGate, an Emerging Malware Threat
Oct 16, 2023

Button-Pusher to MasterBuilder: Automating SIEM Workflows
Build Confidence and Skill in SIEM Automation
May 26, 2023

Detecting OneNote (.One) Malware Delivery
I opened a dozen malicious OneNote files and clicked on every link so you don't have to
Jan 31, 2023

Finding the Gap: How Curiosity and Creativity Drive Threat Detection
Let the Real World be your Lab with MITRE ATT&CK, Atomic Red Team, and Sigma
Dec 13, 2022

Catching a Wev(tutil): Threat Detection for the Rest of Us
My detection engineering process in a nutshell
Nov 23, 2022