
Florian Roth

1.3K Followers

Pinned

The Bicycle of the Forensic Analyst

I started my journey in a digital forensics lab crammed with hardware and a table with two dozen external hard drives. Each of these hard drives contained one or more disk images of systems possibly compromised. The CERT that called in all kinds of different experts was able to process…

Dfir

9 min read

Pinned

Capturing Detection Ideas to Improve Their Impact

Threat researchers, malware analysts, and digital forensic specialists often share advice, hints, and ideas with the community through scientific papers, blog posts, or tweets. It is admirable and often includes beneficial information for anyone who reads their advice, but the impact of the information can be significantly improved. In this…

Detection Engineering

12 min read

Published in Sigma_HQ · Apr 8

Quarterly Sigma Project Update Q1/2023

New Features, Tools, and Community Contributions

We have decided it would be a great idea to publish quarterly updates on everything that is happening within the Sigma project, and have created this publication on Medium for that purpose. …

Siem

5 min read

Sep 11, 2022

About Detection Engineering

In recent months I’ve noticed several attempts to define the term detection engineering and thought I should share my thoughts on this topic in a short blog post. This blog post tries to cover all possible purposes of detection engineering to develop a broad definition of the term, excluding only…

Detection Engineering

5 min read

Jan 23, 2021

Using Personal Activity Reviews to Uncover Adversary Activity

The recent revelations regarding the Solarwinds compromise and the problem of detecting adversary activity that aligns with legitimate user activity reminded me of a solution that we had developed in a small team over a decade ago. …

7 min read

Jun 7, 2020

Leverage is Key

Maximizing the effect of defensive research

We live in challenging times. As a security researcher focusing on threat detection I frequently notice and comment on the increasing use of off-the-shelf tools by nation state actors. My team and I monitor that landscape closely and noticed an increase of tool publications…

Threat Hunting

5 min read

Dec 1, 2019

An Overlooked but Intriguing Sigma Use Case

When we first talked about Sigma in 2016, I was fascinated by a use case that would solve a major problem when SIEM analysts integrate logs of unknown systems and applications. I am talking about the “bundle with software” use case in which a developer provides Sigma rules with his/her…

Sigma

2 min read

Nov 23, 2019

The Problems With Today's Red Teaming

Just recently I stumbled over a Twitter poll created by Andrew Thompson asking if defenders (blue team) should show the simulated adversaries (red team) how they caught them after an exercise. I was one of the few that answered “no” and gave some explanation.

Security

7 min read

Aug 21, 2019

How to Write Good Tweets

A good tweet answers all the important questions, gives credit, links to more information and ideally transports the essence of what you would like the reader to take away. The important questions are: What is it about? (a title or short description) Who did it? (credits / twitter handle /…

Tweet

4 min read

Jan 6, 2019

My Take on the Massive Data Leak Affecting German Politicians and Public Figures

On Friday the 4th, reports of a massive data leak affecting hundreds of German politicians and public figures hit the news. …

Security

7 min read

Twitter: @cyb3rops LinkTree: https://linktr.ee/cyb3rops

Following
  • Jared Atkinson
  • Micah Babinski
  • DCSO CyTec Blog
  • Michael Haag
  • Dmitrijs Trizna

See all (46)
