[Pinned] Florian Roth
About Detection Engineering
In recent months I’ve noticed several attempts to define the term detection engineering and thought I should share my thoughts on this…
Sep 11, 2022

[Pinned] Florian Roth
The Bicycle of the Forensic Analyst
I started my journey in a digital forensics lab crammed with hardware and a table with two dozen external hard drives. Each of these hard…
Sep 10, 2022

Florian Roth
Quick Insights on This Week’s Critical Software Flaws (Week 39)
In this week’s roundup, I’ve listed some notable vulnerabilities that caught my attention. They range from issues in libwebp to critical…
Sep 30, 2023

Florian Roth
Introducing “Grey Zone Devices (GZDs)”: Bridging the Gap in System Classification
Talking about certain systems in cybersecurity can be tricky when we don’t have the right terms. In a previous blog post, I pointed out a…
Sep 13, 2023

Florian Roth
Emerging Cybersecurity Threats: What to Watch Out For in Q4 2023
The cybersecurity landscape is continuously evolving, with new threats and trends emerging every day. In Q3 2023, we have observed several…
Sep 2, 2023

Florian Roth in Sigma_HQ
Quarterly Sigma Project Update Q1/2023
New Features, Tools, and Community Contributions
Apr 8, 2023

Florian Roth
Capturing Detection Ideas to Improve Their Impact
Threat researchers, malware analysts, and digital forensic specialists often share advice, hints, and ideas with the community through…
Oct 8, 2022

Florian Roth
Using Personal Activity Reviews to Uncover Adversary Activity
The recent revelations regarding the Solarwinds compromise and the problem of detecting adversary activity that aligns with legitimate user…
Jan 23, 2021