
Posts by Brendan Chamberlain

Lastly, I’m looking to expand the ruleset sources. If you would like me to include one, please submit an issue.

1 year ago 0 0 0 0

Rulehound is nowhere near done. There are a few known bugs and most likely some issues that I wasn’t able to identify during testing. Please submit any bugs you find in the Rulehound GitHub repo.

1 year ago 0 0 1 0

Why reinvent the wheel when there’s already a blueprint? It’s a challenge to search across all the various rulesets for a particular use case. Rulehound aims to solve this problem.

1 year ago 0 0 1 0

Why Rulehound? Pretty simple: as Detection Engineers, we oftentimes turn to the amazing free, open-source and publicly available rulesets for inspiration when developing new content.

1 year ago 0 0 1 0
Rulehound: The front page of threat detection rulesets.

Today I'd like to share a tool I recently wrote called Rulehound. It's a detection ruleset catalogue and search engine containing over 7,500 rules from 5 distinct sources. More details in thread.

rulehound.com

1 year ago 3 2 1 0
Roadmaps: Community driven roadmaps, articles and guides for developers to grow in their career.

I recently stumbled upon roadmap.sh - it's a great resource for self-learners that appreciate some structure.

For anyone who might find it useful, I threw together a basic "Threat Detection Engineer" roadmap:

roadmap.sh/r/threat-det...

1 year ago 10 1 1 0
How Google Does It: Modernizing threat detection | Google Cloud Blog. Get an inside look at Google’s approach to modern threat detection and response, part of our new "How Google Does It" series.

In the latest addition to awesome-detection-engineering, the team at Google outlines 5 important principles for driving a highly effective threat detection program. Check it out here:

cloud.google.com/transform/ho...

1 year ago 6 0 0 0
ARM - AttackRuleMap: Mapping of open-source detection rules and atomic tests.

Check out the latest addition to awesome-detection-engineering: AttackRuleMap

AttackRuleMap is a clean and easy to use table of MITRE ATT&CK techniques and any associated Sigma or Splunk rules. Thanks krdmnbrk for the add!

attackrulemap.com

1 year ago 8 1 0 0
Get Tickets – SkiCon 2025: SkiCon is where après ski, snowboarding and infosec meet! We aim to join the outdoors and winter sports with cybersecurity research. We differ from most security conferences and hacker gatherings as w...

Tickets for #SkiCon are now on sale! There’s a very limited amount so get yours while you can!

skicon.tickit.ca/events/27355

1 year ago 6 2 0 0
Security Engineer, Threat Detection

I'm excited to share that we're hiring for a Detection Engineer at Klaviyo.

Come work with me and a team of highly talented Detection & Response Engineers as we build an innovative and highly effective threat detection program.

www.klaviyo.com/careers/jobs...

1 year ago 4 2 0 0
Me and every parent I know right now

1 year ago 90 8 6 4
Ultralytics, a Python package with close to 6.4 million downloads per month, was backdoored to run a cryptominer. Running theory from the reported GitHub issue is a GitHub Action injection attack, but there’s also evidence that the malicious code was published directly via PyPI and skipped CI/CD.

1 year ago 10 4 1 0

don’t ever settle somewhere where you don’t have this

1 year ago 1 0 0 0

getting to work with people much smarter than you is such an underrated benefit

1 year ago 1 1 0 1

0xv1n and I added a new way to interface with the LOOBins project! Binaries are now available in a STIX bundle as Tool objects. Threat intel teams can import the bundle into many popular TIPs to help track each binary's relationship to campaigns, threat actors, etc.

www.loobins.io/loobins_stix...

1 year ago 0 0 0 0

Great starter pack for detection engineers or any defensive-focused cybersecurity folks.

1 year ago 0 0 0 0

The cold and dark weather + waning sunlight seems to always bring new energy to the open source and content creation community. New LOOBins fun + detection-as-code stuff coming soon!

1 year ago 4 0 0 0