Thanks

Joyful holidays 🕎

@irishdeath.bsky.social

Rocking the Christmas vibes with some #KQL ❤️

On my way

#DFIR and #ThreatHunting friends - the technical detail in this blog is pure gold for hunting and writing detections - even if you don't count TA397 high in your threat model, the techniques they use are not unique and the detections still apply: www.proofpoint.com/us/blog/thre...

Cool, I tend to play with dnstwist.it / github.com/elceef/dnstw...

Join @olafhartong.nl in his journey down the rabbit hole in search of new detection opportunities in the #Zeek telemetry embedded in Microsoft's EDR #MDE! Detection engineering is sometimes hard … 😎

falconforce.nl/detection-en...

#detectionengineering #kql #blueteam

Elastic releases the Detection Engineering Behavior Maturity Model — Elastic Security Labs Using this maturity model, security teams can make structured, measurable, and iteritive improvements to their detection engineering teams..

www.elastic.co/security-lab... - great read on maturity model for Detection Engineering.

#infosec #cybersecurity #cyber #Detection