Andy Rector

@DetectorRector

Detection Lead @ Mandiant Managed Defense / Former IR Consultant @mandiant. Tier 3 Hipster; I came in like a #WrectorBall

Great cross team collaboration across Google Cloud to get this service off the ground. Let's find some evil!

Just announced in preview: Mandiant Hunt for Chronicle Security Operations! This new service is tailored to organizations with existing security programs who want a threat hunting capability to discover new threats that may be missed by product detection. cloud.google.com/blog/products/…



Andy Rector reposted

I’m proud to present ProtoBurp, a new Burp Suite extension to help encode and fuzz Protobuf messages based on pain points with existing tooling. Check out my latest blog post about it! dillonfrankesecurity.com/posts/protobur… #pentesting #burpsuite #protobuf #offsec


I don't feel like this is the right question. Threat hunting is a function of detection engineering, where detections are being tested and matched against customer telemetry. If no matches, no additional work. The question we should be asking is what is the service hunting for?

If you were procuring managed threat hunting services from a major security vendor, how many hours per week do you expect a threat hunter is threat hunting in your environment?



Question for Threat Intelligence Analysts and SOC alike... would you consider Detection Rules Threat Intel? Curious on the perspective of consumers of DE content on whether or not Detection Rules should be considered Threat Intelligence.


Strong agreement here. Detection Engineering is an exercise in labeling and classifying security-relevant data. FP reduction is critically important in reducing alert fatigue, but the opportunity to tune comes directly from SOC dispositions. It's the best feedback loop you have.

If you're in the Detection Engineering space, come watch @FryGuy2600 and me geek out on all things DE. We have the following planned: 1️⃣ Establish what DE is and isn't 2️⃣ Details on the DE process from a practitioner's perspective 3️⃣ DE Maturity model 4️⃣ Measuring success 🎯🎯🎯

Attending #mWISE? Catch our CTO Fred Frey (@FryGuy2600) and @Mandiant's Andrew Rector (@DetectorRector) for their talk 10/19 at 3:15 about #detectionengineering and leveraging tech + teams in a repeatable process, driving robust, resilient, and efficient detection development.


Detection Engineers, is DE Ops only for Vendors/MSSPs/MDRs or should it be something that corporations should pursue too? Curious on your thoughts!
