GitHub - rfackroyd/detection-engineering-starter-pack: A starter pack of resources to help you get started in Detection Engineering. A starter pack of resources to help you get started in Detection Engineering. - rfackroyd/detection-engineering-starter-pack

Not long ago I did a presentation for the UKCSC, and this Detection Engineering “starter pack” pointed to the resources discussed, check it out 🦈

github.com/rfackroyd/de...

This is great

(Suggestions welcome just reach out)

Also put together a list here a few days back! For the feed aspect

bsky.app/profile/did:...

Try link your personal domain if you can, up to you though

For those of you returning after a while, this is how you can make your own domain your BlueSky handle. Decent feature IMO

bsky.social/about/blog/4...

Capability Abstraction Have you ever wondered how to assess detection coverage for a specific attack technique? Understanding capability abstraction may help!

More key reading for detection engineers looking to create robust detection rules

posts.specterops.io/capability-a...

@patrickhowelloneill.com I mainly post detection engineering thing, it’s up to you though.

Haha. thanks for the info!

Nice one. These packs are a pretty useful feature

Awesome, this going to be streamed?

Also, please DM me any users you think should be on here.

I am also seeing this a lot

Free for Developers Developers and Open Source authors now have a massive amount of services offering free tiers, but it can be hard to find them all to make informed decisions.

Something for the side-project people!

This is a site that shows you SaaS, PaaS, IaaS, and other solutions with free developer tiers

free-for.dev

Seeing more examples of malware sitting in the root of Public or ProgramData directories...

Use a regex like this to pin these down.

C\:\\ProgramData\\[^\\\/]{0,50}\.(exe|js|vbs|vbe|ps1|hta|bat)

Key reading for anyone in cyber threat detection. They have really managed to crystallise the core strategy underprinning robust detection rules

center-for-threat-informed-defense.github.io/summiting-th...

Join if you are keen on talking Detection Engineering! #cyber #detection #edr #siem

bsky.app/profile/did:...

Hey all am here to chat all things Security, Threat Hunting, Intelligence and Detection Engineering

Can anyone recommend some open source tools to find my Twitter following list on BlueSky?

Quick pivoting tip - "Similar by imphash" on VT allows you to quickly identify other samples that have imported the same libraries and called the subsequent functions in the same order. #ThreatIntelligence #ThreatHunting

*cracks fingers*

right, onto the next social media platform

hopefully this one is good for the infosec crowd