
Andy Rector
@DetectorRector
Detection Lead @ Mandiant Managed Defense / Former IR Consultant @mandiant. Tier 3 Hipster; I came in like a #WrectorBall
Great cross team collaboration across Google Cloud to get this service off the ground. Let's find some evil!
Just announced in preview: Mandiant Hunt for Chronicle Security Operations! This new service is tailored to organizations with existing security programs who want a threat hunting capability to discover new threats that may be missed by product detection. cloud.google.com/blog/products/…
I’m proud to present ProtoBurp, a new Burp Suite extension to help encode and fuzz Protobuf messages based on pain points with existing tooling. Check out my latest blog post about it! dillonfrankesecurity.com/posts/protobur… #pentesting #burpsuite #protobuf #offsec
I don't feel like this is the right question. Threat hunting is a function of detection engineering, where detections are being tested and matched against customer telemetry. If no matches, no additional work. The question we should be asking is: what is the service hunting for?
If you were procuring managed threat hunting services from a major security vendor, how many hours per week do you expect a threat hunter is threat hunting in your environment?
Question for Threat Intelligence Analysts, and SOC alike... would you consider Detection Rules Threat Intel? Curious on the perspective of consumers of DE content whether or not Detection Rules should be considered Threat Intelligence or not.
Strong agreement here. Detection Engineering is an exercise in labeling and classifying security-relevant data. FP reduction is critically important in reducing alert fatigue, but the opportunity to tune comes directly from SOC dispositions. It's the best feedback loop you have.
If you're in the Detection Engineering space, come watch @FryGuy2600 and me geek out on all things DE. We have the following planned: 1️⃣ Establish what DE is and isn't 2️⃣ Details on the DE process from a practitioner's perspective 3️⃣ DE maturity model 4️⃣ Measuring success 🎯🎯🎯
Attending #mWISE? Catch our CTO Fred Frey (@FryGuy2600) and @Mandiant's Andrew Rector (@DetectorRector) for their talk 10/19 at 3:15 about #detectionengineering and leveraging tech + teams in a repeatable process, driving robust, resilient, and efficient detection development.

Detection Engineers, is DE Ops only for Vendors/MSSPs/MDRs or should it be something that corporations should pursue too? Curious on your thoughts!