
Andy Rector
@DetectorRector
Detection Lead @ Mandiant Managed Defense / Former IR Consultant @mandiant. Tier 3 Hipster; I came in like a #WrectorBall
Great cross-team collaboration across Google Cloud to get this service off the ground. Let's find some evil!
Just announced in preview: Mandiant Hunt for Chronicle Security Operations! This new service is tailored to organizations with existing security programs who want a threat hunting capability to discover new threats that may be missed by product detection. cloud.google.com/blog/products/…
cloud.google.com
Introducing Mandiant Hunt to help you uncover hidden threats in real-time | Google Cloud Blog
Announced today at Next ‘23, Mandiant Hunt integrates frontline intelligence and expertise into Chronicle Security Operations to search for undetected attacks.
I’m proud to present ProtoBurp, a new Burp Suite extension to help encode and fuzz Protobuf messages based on pain points with existing tooling. Check out my latest blog post about it! dillonfrankesecurity.com/posts/protobur… #pentesting #burpsuite #protobuf #offsec
I don't feel like this is the right question. Threat hunting is a function of detection engineering, where detections are being tested and matched against customer telemetry. If no matches, no additional work. The question we should be asking is what is the service hunting for?
If you were procuring managed threat hunting services from a major security vendor, how many hours per week do you expect a threat hunter is threat hunting in your environment?
Question for Threat Intelligence Analysts, and SOC alike... would you consider Detection Rules Threat Intel? Curious on the perspective of consumers of DE content whether or not Detection Rules should be considered Threat Intelligence or not.
Strong agreement here. Detection Engineering is an exercise in labeling and classifying security-relevant data. FP reduction is critically important in reducing alert fatigue, but the opportunity to tune comes directly from SOC dispositions. It's the best feedback loop you have.
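The loop the two posts above describe (detections matched against telemetry, rules with no hits needing no further work, and SOC dispositions fed back into tuning), as an added Python example that is not from the original posts or from Mandiant. The telemetry events, rule names, and dispositions are constructed for illustration only; the rule format is a deliberately tiny stand-in for a real detection language.

```python
"""Toy hunt loop: run detection rules over telemetry, then tune from SOC dispositions."""
from dataclasses import dataclass, replace

# Constructed sample process-creation telemetry (not real customer data).
TELEMETRY = [
    {"host": "ws01", "parent": "WINWORD.EXE", "image": "powershell.exe",
     "cmdline": "powershell -enc SQBFAFgA"},
    {"host": "ws02", "parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell -File backup.ps1"},
    {"host": "srv01", "parent": "services.exe", "image": "svchost.exe",
     "cmdline": "svchost -k netsvcs"},
    {"host": "ws03", "parent": "OUTLOOK.EXE", "image": "cmd.exe",
     "cmdline": "cmd /c whoami"},
    {"host": "ws04", "parent": "EXCEL.EXE", "image": "powershell.exe",
     "cmdline": "powershell -File finance_macro.ps1"},
]


@dataclass(frozen=True)
class Rule:
    """Minimal parent/child process rule with an exclusion list grown by tuning."""
    name: str
    parents: frozenset
    images: frozenset
    excluded_cmdlines: frozenset = frozenset()

    def matches(self, ev):
        return (ev["parent"].lower() in self.parents
                and ev["image"].lower() in self.images
                and ev["cmdline"] not in self.excluded_cmdlines)


# Hypothetical rules for the walkthrough.
OFFICE_SPAWN = Rule("office_spawns_shell",
                    frozenset({"winword.exe", "excel.exe", "outlook.exe"}),
                    frozenset({"powershell.exe", "cmd.exe"}))
SVCHOST_ODD = Rule("svchost_unusual_parent",
                   frozenset({"cmd.exe", "powershell.exe"}),
                   frozenset({"svchost.exe"}))

# Constructed SOC dispositions keyed by command line: TP = confirmed malicious, FP = benign.
DISPOSITIONS = {
    "powershell -enc SQBFAFgA": "TP",
    "cmd /c whoami": "TP",
    "powershell -File finance_macro.ps1": "FP",  # known finance macro, not evil
}


def hunt(rules, telemetry):
    """Match every rule against the telemetry. A rule with no hits needs no further work."""
    return {r.name: [ev for ev in telemetry if r.matches(ev)] for r in rules}


def false_positive_rate(matches, dispositions):
    """Share of dispositioned matches the SOC judged FP (undispositioned hits are ignored)."""
    judged = [dispositions[ev["cmdline"]] for ev in matches if ev["cmdline"] in dispositions]
    return judged.count("FP") / len(judged) if judged else 0.0


def tune(rule, dispositions):
    """Feed SOC dispositions back: every FP command line becomes an exclusion on the rule."""
    fps = frozenset(c for c, d in dispositions.items() if d == "FP")
    return replace(rule, excluded_cmdlines=rule.excluded_cmdlines | fps)


if __name__ == "__main__":
    results = hunt([OFFICE_SPAWN, SVCHOST_ODD], TELEMETRY)
    for name, hits in results.items():
        print(f"{name}: {len(hits)} hit(s)")
    hits = results[OFFICE_SPAWN.name]
    print("FP rate before tuning:", false_positive_rate(hits, DISPOSITIONS))
    tuned = tune(OFFICE_SPAWN, DISPOSITIONS)
    hits = hunt([tuned], TELEMETRY)[tuned.name]
    print("FP rate after tuning:", false_positive_rate(hits, DISPOSITIONS))
```

Excluding a whole command line is the crudest possible tune; in practice the disposition would drive a narrower condition (signed script path, known parent, user context), but the shape of the loop is the same: hits go to the SOC, dispositions come back, the rule changes.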
If you're in the Detection Engineering space, come watch @FryGuy2600 and me geek out on all things DE. We have the following planned: 1️⃣ Establish what DE is and isn't 2️⃣ Details on the DE process from a practitioner's perspective 3️⃣ DE Maturity model 4️⃣ Measuring success 🎯🎯🎯
Attending #mWISE? Catch our CTO Fred Frey (@FryGuy2600) and @Mandiant's Andrew Rector (@DetectorRector) for their talk 10/19 at 3:15 about #detectionengineering and leveraging tech + teams in a repeatable process, driving robust, resilient, and efficient detection development.

Detection Engineers, is DE Ops only for Vendors/MSSPs/MDRs or should it be something that corporations should pursue too? Curious on your thoughts!