Will be at FIRST CTI event in Munich starting Tuesday with @jkppr.bsky.social. If you want to talk about Timesketch, OpenRelik or other open source tools
Posts by Janosch
New version of OpenRelik (the #DFIR workflow engine) is out. New workflow UI, support for chords (task groups with callback), MCP server and much much more. Give it a try!
Take a look at the new page for workers showcase, both official and community contributed: openrelik.org/workers/
We are launching a Black Friday deal on our most popular course, Threat Hunting & Incident Response w/Velociraptor! From now until midnight (EST) 11/28, enjoy 40% off our best-selling on-demand course.
Register: ddi.sh/thvr-bf-2025
Use Code: blackfriday2025
#DFIR #ThreatHunting
📣THREAD: It’s surprising to me that so many people were surprised to learn that Signal runs partly on AWS (something we can do because we use encryption to make sure no one but you–not AWS, not Signal, not anyone–can access your comms).
It’s also concerning. 1/
A threat actor (UNC6395) is accessing Salesforce accounts and data through the Salesloft Drift AI chat agent
cloud.google.com/blog/topics/...
A new Unfurl release (unfurl.link) is here! v2025.08 has:
🆔 Parsing more from TikTok IDs (millisecond timestamp, entity type (user account, device, live session, or video), and more). Thanks to Benjamin Steel for the paper arxiv.org/abs/2504.13279
📝 Full release notes: github.com/obsidianfore...
Heading to #BlackHat Arsenal in 2 weeks w/ @maartenvdantzig.bsky.social to demo our new AI investigation features in Timesketch! We've built a workflow that partners the analyst with AI to speed up investigations while keeping you in control.
Meet us on 📍Thurs, Aug 7, 1pm, at Arsenal Station 7
Using Timesketch for timeline analysis? We recently added a new feature: LLM summaries of up to 500 events in view. Example below uses Gemini Flash, but you can just as easily use a local Ollama model. Setup guide: timesketch.org/guides/user/...
Here are the slides/resources from our #SecurityFest talk on "Modernizing Incident Response Using Techniques that Scale"
Talk: www.youtube.com/live/Znl7TBF...
Hey DFIR Peeps! I am hiring incident responders in two locations - Boulder, CO and Sunnyvale, CA. It'd be hard to find a bigger CSIRT with more scope and more interesting stuff to do than this one. :D
SVL: www.google.com/about...
BLD: www.google.com/about...
We have a new Timesketch release: github.com/google/times...
It includes AI / LLM things, new features, bugfixes and more. Check it out. #DFIR
What if the wise men kept walking after Jesus’s birth?
Watch the latest What If? video collaboration with MinuteEarth!
youtu.be/YL2VNtus4xk
Hey #DFIR people! New #OpenRelik release just dropped. Some cool new features and a bunch of bug fixes.
Turren-Schönbüel Trail, my absolute favorite so far.
Snowshoeing at Weissenberge, Switzerland
A snow-covered landscape with a clear blue sky and snowshoe tracks leading through the snow.
Snowshoeing in a winter wonderland. [Furna, Switzerland]
Exciting News🚀🎉:
Our @cyber5w.bsky.social Intro to DFIR Course is now FREE!🔍
Please read our announcement found below. The course will also be available for FREE @opensectraining.bsky.social very soon! #DFIR #infosec #cybersecurity #DigitalForensics
cyber5w.com/into-dfir.html
🚀 New OpenRelik release
Role-based access control, folder sharing, database improvements, optimisations for file listings, chunked file uploads, bug fixes and refactoring efforts to improve stability.
📝 https://openrelik.org/changelog/
🔗 https://discord.gg/hg652gktwX
#DFIR
If you need datasets for your #DFIR training, feel free to use any of my cases found in the URL below. They can be used for both academic and commercial training.
www.ashemery.com/dfir.html
A picture taken from a mountain peak overlooking a sea of clouds.