About Detection Engineering (pinned)
In recent months I’ve noticed several attempts to define the term detection engineering and thought I should share my thoughts on this…
Sep 11, 2022

The Bicycle of the Forensic Analyst (pinned)
I started my journey in a digital forensics lab crammed with hardware and a table with two dozen external hard drives. Each of these hard…
Sep 10, 2022

Quick Insights on This Week’s Critical Software Flaws (Week 39)
In this week’s roundup, I’ve listed some notable vulnerabilities that caught my attention. They range from issues in libwebp to critical…
Sep 30, 2023

Introducing “Grey Zone Devices (GZDs)”: Bridging the Gap in System Classification
Talking about certain systems in cybersecurity can be tricky when we don’t have the right terms. In a previous blog post, I pointed out a…
Sep 13, 2023

Emerging Cybersecurity Threats: What to Watch Out For in Q4 2023
The cybersecurity landscape is continuously evolving, with new threats and trends emerging every day. In Q3 2023, we have observed several…
Sep 2, 2023

Quarterly Sigma Project Update Q1/2023 (published in Sigma_HQ)
New Features, Tools, and Community Contributions
Apr 8, 2023

Capturing Detection Ideas to Improve Their Impact
Threat researchers, malware analysts, and digital forensic specialists often share advice, hints, and ideas with the community through…
Oct 8, 2022

Using Personal Activity Reviews to Uncover Adversary Activity
The recent revelations regarding the Solarwinds compromise and the problem of detecting adversary activity that aligns with legitimate user…
Jan 23, 2021