العربية
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#detectionengineering نتائج البحث

chrissanders88's profile picture. Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Chris Sanders 🔎 🧠
@chrissanders88
١٩ يوليو ٢٠٢٣ م

I’m excited to launch our latest online course, YARA for Security Analysts. We built this course for people who want to learn to write YARA rules for detection engineering, system triage, incident response, and threat intel research. #Yara #DetectionEngineering #DFIR #Malware

chrissanders88's tweet image. I’m excited to launch our latest online course, YARA for Security Analysts. We built this course for people who want to learn to write YARA rules for detection engineering, system triage, incident response, and threat intel research. #Yara #DetectionEngineering #DFIR #Malware
6
163
627
241
148ألف
OliviaGalluccii's profile picture. Security @ Datadog | MacOS Internals  | #FOSS Advocate | Opinions ≠ Employer | @intelligentCTF @oghealthfitness | RIT | Prev. Apple, SECUINFRA, US Govt
Olivia Gallucci ✨
@OliviaGalluccii
١٧ سبتمبرم

I'm thrilled to announce I'll be giving a *secret* macOS detection engineering talk at the 1st Spraw, a new NYC security meetup! Hope to see you there! 😄 📅 Date: 2 October 2025 🎟️ Registration: sprawl.nyc #InfoSec #NYC #DetectionEngineering

OliviaGalluccii's tweet image. I'm thrilled to announce I'll be giving a *secret* macOS detection engineering talk at the 1st Spraw, a new NYC security meetup! Hope to see you there! 😄 📅 Date: 2 October 2025 🎟️ Registration: sprawl.nyc #InfoSec #NYC #DetectionEngineering
1
11
84
13
11ألف
cyb3rops's profile picture. Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Florian Roth ⚡️
@cyb3rops
٦ أكتوبر ٢٠٢٤ م

What people often overlook in #DetectionEngineering is that there’s no "one-size-fits-all" rule to detect a threat. It depends on your goals. How specific should the rule be? Are you tracking a threat actor, detecting the tool/malware, or focusing on the technique? Should it be…

cyb3rops's tweet image. What people often overlook in #DetectionEngineering is that there’s no "one-size-fits-all" rule to detect a threat. It depends on your goals. How specific should the rule be? Are you tracking a threat actor, detecting the tool/malware, or focusing on the technique? Should it be…
7
127
522
244
40ألف
br0k3ns0und's profile picture. detection engineering @ S1 | security research | former @elastic/@elasticseclabs @endgameinc etc. | bench press: 455lbs & 📈 | I like my own tweets
Justin Ibarra
@br0k3ns0und
١١ فبراير ٢٠٢٤ م

The lolol.farm continues to grow! Introducing a new project: LoFP - Living off the False Positive Where you can blend into the noise, or leverage it for triage and rule writing. 🎊🍻 br0k3nlab.com/LoFP/ #DetectionEngineering #Security

br0k3ns0und's tweet image. The lolol.farm continues to grow! Introducing a new project: LoFP - Living off the False Positive Where you can blend into the noise, or leverage it for triage and rule writing. 🎊🍻 br0k3nlab.com/LoFP/ #DetectionEngineering #Security
br0k3ns0und's profile picture. detection engineering @ S1 | security research | former @elastic/@elasticseclabs @endgameinc etc. | bench press: 455lbs & 📈 | I like my own tweets
Justin Ibarra
@br0k3ns0und
١٥ نوفمبر ٢٠٢٣ م

Just updated lolol.farm with a few more entries Also, let me know if there are any others that should be added

br0k3ns0und's tweet image. Just updated lolol.farm with a few more entries Also, let me know if there are any others that should be added
8
61
210
123
76ألف
7
154
442
206
55ألف
Cyb3rMonk's profile picture. https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Mehmet Ergene
@Cyb3rMonk
٢٩ يوليوم

🚨Bad news for defenders, good news for red teamers: Linkable token identifiers in Entra ID are useful only in an AiTM scenario. Doesn't even cover Device Code Phishing. Blog soon. #ThreatHunting #DetectionEngineering #redteam

Cyb3rMonk's tweet image. 🚨Bad news for defenders, good news for red teamers: Linkable token identifiers in Entra ID are useful only in an AiTM scenario. Doesn't even cover Device Code Phishing. Blog soon. #ThreatHunting #DetectionEngineering #redteam
4
19
103
69
8ألف
Cyb3rMonk's profile picture. https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Mehmet Ergene
@Cyb3rMonk
٢٤ أكتوبرم

🚨 Detect Suspicious SPN logon from Workstations. The new Credential Dump technique that bypasses Credential Guard leaves an interesting artifact to hunt for. #KQL #ThreatHunting #DetectionEngineering

Cyb3rMonk's tweet image. 🚨 Detect Suspicious SPN logon from Workstations. The new Credential Dump technique that bypasses Credential Guard leaves an interesting artifact to hunt for. #KQL #ThreatHunting #DetectionEngineering
4
32
191
136
10ألف
Cyb3rMonk's profile picture. https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Mehmet Ergene
@Cyb3rMonk
١ يونيوم

🚨Spoiler: You can't detect #BadSuccessor with default configuration on AD/DC. Blog is almost finished. #ThreatHunting #DetectionEngineering

Cyb3rMonk's tweet image. 🚨Spoiler: You can't detect #BadSuccessor with default configuration on AD/DC. Blog is almost finished. #ThreatHunting #DetectionEngineering
0
10
101
42
6ألف
Cyb3rMonk's profile picture. https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Mehmet Ergene
@Cyb3rMonk
١٤ أكتوبرم

I do love #KQL, but not having support for features like complete window functions (over (partition by ...)) and allowing only equality-based joins are huge blockers, especially in the detection engineering field. #DetectionEngineering

Cyb3rMonk's tweet image. I do love #KQL, but not having support for features like complete window functions (over (partition by ...)) and allowing only equality-based joins are huge blockers, especially in the detection engineering field. #DetectionEngineering
3
0
30
13
3ألف
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
٥ أكتوبرم

🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and execute a few runtimes⤵️

ShanHolo's tweet image. 🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and execute a few runtimes⤵️
ShanHolo's tweet image. 🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and execute a few runtimes⤵️
1
3
16
2
2ألف
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
١٤ أكتوبرم

New #Sigma rule to spot Click-Fix + Cache-Smuggling chains on Windows 🎯 Unified for Sysmon ID1 & Sec. 4688 🫡 YAML 👉 pastebin.com/A3Wgjjyi Please any comment, suggestions, experiences are more than welcome (I'm not an expert with Sigma). #DetectionEngineering #SOC

ShanHolo's tweet image. New #Sigma rule to spot Click-Fix + Cache-Smuggling chains on Windows 🎯 Unified for Sysmon ID1 & Sec. 4688 🫡 YAML 👉 pastebin.com/A3Wgjjyi Please any comment, suggestions, experiences are more than welcome (I'm not an expert with Sigma). #DetectionEngineering #SOC
Defte_'s profile picture. Hacker, sysadmin and security researcher @OrangeCyberdef 💻 Calisthenic enthousiast 💪 and wannabe philosopher https://t.co/SqDDhIGGGh 📖 🔥 Hide&Sec 🔥
Aurélien Chalot
 @Defte_
١٢ أكتوبرم

So I have been told threat actors use my Browser Cache Smuggling technique to compromise people: expel.com/blog/cache-smu… Remember, detection is really easy: any process touching a browser's cache file and moving it to a .dll one IS A RED FLAG. Detection rule is easy to set ;)!

Defte_'s tweet card. We recently observed an innovative campaign using the ClickFix attack tactic for cache smuggling. Here's what you need to know.
Cache smuggling: When a picture isn’t a thousand words
المصدر: expel.com
1
41
162
98
16ألف
0
10
30
16
4ألف
ACEResponder's profile picture. Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
ACE Responder
@ACEResponder
٢٥ مايو ٢٠٢٣ م

Highlights from the @MsftSecIntel and joint CSA reports animated. #ThreatHunting #DetectionEngineering

1
20
84
17
10ألف
NVISO_Labs's profile picture. NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
NVISO Labs
 @NVISO_Labs
٣٠ سبتمبرم

This is the follow-up you've been waiting for: The #DetectionEngineering Blog Post Part 6 by @_st0pp3r_ blog.nviso.eu/2025/09/23/det… You'll gain insights on manual, release-based, automatic and multitenant deployments to optimize #ContinuousDeployment processes and more.

NVISO_Labs's tweet image. This is the follow-up you've been waiting for: The #DetectionEngineering Blog Post Part 6 by @_st0pp3r_ blog.nviso.eu/2025/09/23/det… You'll gain insights on manual, release-based, automatic and multitenant deployments to optimize #ContinuousDeployment processes and more.
0
5
12
2
805
br0k3ns0und's profile picture. detection engineering @ S1 | security research | former @elastic/@elasticseclabs @endgameinc etc. | bench press: 455lbs & 📈 | I like my own tweets
Justin Ibarra
@br0k3ns0und
١٧ أكتوبر ٢٠٢٤ م

We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering

br0k3ns0und's tweet image. We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
br0k3ns0und's tweet image. We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
br0k3ns0und's tweet image. We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
١٧ أكتوبر ٢٠٢٤ م

Threat hunting just got easier! This new repo of detection rules is crafted by our veteran detection engineers and powered by different Elastic query languages. Get the details of what’s included and see the future of this repo here: go.es.io/4h2JsTX #ElasticSecurityLabs

elasticseclabs's tweet card. Elastic is releasing a threat hunting package designed to aid defenders with proactive detection queries to identify actor-agnostic intrusions.
Elevate Your Threat Hunting with Elastic — Elastic Security Labs
المصدر: elastic.co
0
44
145
100
62ألف
5
85
349
224
38ألف
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
٧ أكتوبرم

Discovered a proof-of-concept #exploit for CVE-2025-61882 affecting #Oracle E-Business Suite. ☣️d3bbb54a9e93f355f7830e298a99161d ☣️b296d3b3115762096286f225696a9bb1 ☣️23094d64721a279c0ce637584b87d6f1 The race has already begun #DetectionEngineering is evolving fast. #SOC #CERT

ShanHolo's tweet image. Discovered a proof-of-concept #exploit for CVE-2025-61882 affecting #Oracle E-Business Suite. ☣️d3bbb54a9e93f355f7830e298a99161d ☣️b296d3b3115762096286f225696a9bb1 ☣️23094d64721a279c0ce637584b87d6f1 The race has already begun #DetectionEngineering is evolving fast. #SOC #CERT
ShanHolo's tweet image. Discovered a proof-of-concept #exploit for CVE-2025-61882 affecting #Oracle E-Business Suite. ☣️d3bbb54a9e93f355f7830e298a99161d ☣️b296d3b3115762096286f225696a9bb1 ☣️23094d64721a279c0ce637584b87d6f1 The race has already begun #DetectionEngineering is evolving fast. #SOC #CERT
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
٦ أكتوبرم

Another Monday, another #Vulnerability (9.8) this time is @Oracle E-Business Suite (CVE-2025-61882) "This vulnerability is remotely exploitable without authentication, If successfully exploited, this vulnerability may result in remote code execution. oracle.com/security-alert…

0
0
4
2
18ألف
3
39
138
57
19ألف
RFGroenewoud's profile picture. A security research engineer at @Elastic focusing mainly on Linux behavior-, signature- and ML-based detection engineering. Github: https://t.co/KKlA2KIjGj
Ruben Groenewoud
 @RFGroenewoud
١ أغسطس ٢٠٢٤ م

Very excited to release PANIX, a highly flexible Linux persistence tool for security research and detection engineering. Test your security posture and learn about Linux persistence. github.com/Aegrah/PANIX #DetectionEngineering #SecurityResearch #Persistence #Linux #Security

RFGroenewoud's tweet image. Very excited to release PANIX, a highly flexible Linux persistence tool for security research and detection engineering. Test your security posture and learn about Linux persistence. github.com/Aegrah/PANIX #DetectionEngineering #SecurityResearch #Persistence #Linux #Security
RFGroenewoud's tweet image. Very excited to release PANIX, a highly flexible Linux persistence tool for security research and detection engineering. Test your security posture and learn about Linux persistence. github.com/Aegrah/PANIX #DetectionEngineering #SecurityResearch #Persistence #Linux #Security
5
63
190
128
22ألف
OliviaGalluccii's profile picture. Security @ Datadog | MacOS Internals  | #FOSS Advocate | Opinions ≠ Employer | @intelligentCTF @oghealthfitness | RIT | Prev. Apple, SECUINFRA, US Govt
Olivia Gallucci ✨
@OliviaGalluccii
٢١ نوفمبرم

I'm thrilled to announce that @DatadogHQ is hiring for two roles on our Threat Detection Engineering team! 🐶 - Security Engineer 2 in Paris: careers.datadoghq.com/detail/7379791… - Senior Security Engineer - Insider in NYC: careers.datadoghq.com/detail/7391209… #Datadog #DetectionEngineering #InfoSec

1
1
11
2
898
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
٥ يونيوم

In May, #ElasticSecurityLabs published 52 new rules! Take a look at the overview and learn how we manage these rulesets: go.es.io/45JHiVR #detectionengineering #SIEM #EDR

elasticseclabs's tweet image. In May, #ElasticSecurityLabs published 52 new rules! Take a look at the overview and learn how we manage these rulesets: go.es.io/45JHiVR #detectionengineering #SIEM #EDR
1
16
82
30
3ألف
DunhamSec's profile picture. Senior Detection Engineer
Isaac Dunham
 @DunhamSec
٢٥ نوفمبرم

Risk-based alerting (only surfacing alerts that *truly* pose a risk to your organization) is all the rage in detection engineering. I threw together a guide to quickly getting started with RBA in Microsoft Sentinel. isaacdunham.github.io/posts/risk-bas… #DetectionEngineering #SIEM #Sentinel

DunhamSec's tweet card. Risk-based alerting is revolutionary. Here's how to get started with RBA in Microsoft Sentinel.
Risk-Based Alerting in Microsoft Sentinel | Isaac Dunham's Blog
المصدر: isaacdunham.github.io
0
0
0
0
39
SecBlueTeam's profile picture. Training cyber defenders in government, law enforcement, military, and private sectors | Please don't DM for support | Gamified training @BlueLabsOnline
Security Blue Team
@SecBlueTeam
٢٥ نوفمبرم

What happens when training goes beyond theory? You get stories like these. 🌐 Real SOC workflows ⚡ Ready-for-the-job skills 🔥 Performance that speaks for itself These aren’t testimonials. They’re real stories. #CybersecurityTraining #SOCAnalyst #DetectionEngineering

SecBlueTeam's tweet image. What happens when training goes beyond theory? You get stories like these. 🌐 Real SOC workflows ⚡ Ready-for-the-job skills 🔥 Performance that speaks for itself These aren’t testimonials. They’re real stories. #CybersecurityTraining #SOCAnalyst #DetectionEngineering…
SecBlueTeam's tweet image. What happens when training goes beyond theory? You get stories like these. 🌐 Real SOC workflows ⚡ Ready-for-the-job skills 🔥 Performance that speaks for itself These aren’t testimonials. They’re real stories. #CybersecurityTraining #SOCAnalyst #DetectionEngineering…
SecBlueTeam's tweet image. What happens when training goes beyond theory? You get stories like these. 🌐 Real SOC workflows ⚡ Ready-for-the-job skills 🔥 Performance that speaks for itself These aren’t testimonials. They’re real stories. #CybersecurityTraining #SOCAnalyst #DetectionEngineering…
SecBlueTeam's tweet image. What happens when training goes beyond theory? You get stories like these. 🌐 Real SOC workflows ⚡ Ready-for-the-job skills 🔥 Performance that speaks for itself These aren’t testimonials. They’re real stories. #CybersecurityTraining #SOCAnalyst #DetectionEngineering…
0
0
0
1
350
_st0pp3r_'s profile picture. Detection Engineering · Threat Hunting · Incident Response
St0pp3r
 @_st0pp3r_
٢٥ نوفمبرم

Back with a new blog post! #DetectionEngineering: Practicing #DetectionAsCode – Tuning - Part 8 👉 blog.nviso.eu/2025/11/25/det… If you missed the rest of the parts you can find them here: blog.nviso.eu/tag/detection-…

NVISO_Labs's profile picture. NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
NVISO Labs
 @NVISO_Labs
٢٥ نوفمبرم

Wondering how to make your #DetectionSystems more responsive during infrastructure changes? Read the latest blog post by @kristo_b & @_st0pp3r_ on #DetectionEngineering 👉blog.nviso.eu/2025/11/25/det…

NVISO_Labs's tweet card. Explore how automation and watchlists streamline detection tuning in dynamic environments. Learn techniques for efficient continuous deployment pipelines.
Detection Engineering: Practicing Detection-as-Code – Tuning – Part 8
المصدر: blog.nviso.eu
0
1
4
0
338
0
1
2
0
50
unccno's profile picture. 💻🛰️🌎🇺🇸🥸 CEO/sole proprietor-Quantitative Security--- Not financial advice for educational purposes only—US Army 🇺🇸🫡
Connor Lovgren 🇺🇸🤠
@unccno
٢٣ نوفمبرم

Result: •Total CPU stays artificially flat at 0–5 % •The line looks perfectly boring 😴 •No fan spin-up, no lag → 99.9 % of users never open the Details tab #SOC #DetectionEngineering

1
0
0
0
19
OliviaGalluccii's profile picture. Security @ Datadog | MacOS Internals  | #FOSS Advocate | Opinions ≠ Employer | @intelligentCTF @oghealthfitness | RIT | Prev. Apple, SECUINFRA, US Govt
Olivia Gallucci ✨
@OliviaGalluccii
٢١ نوفمبرم

I'm thrilled to announce that @DatadogHQ is hiring for two roles on our Threat Detection Engineering team! 🐶 - Security Engineer 2 in Paris: careers.datadoghq.com/detail/7379791… - Senior Security Engineer - Insider in NYC: careers.datadoghq.com/detail/7391209… #Datadog #DetectionEngineering #InfoSec

1
1
11
2
898
safebreach's profile picture. SafeBreach simulates hacker breach methods to quantify risks and validate how well your security controls can stand up to a breach. Funded by @Sequoia
SafeBreach
 @safebreach
١٨ نوفمبرم

Discover the importance of #DetectionEngineering from a business and risk level all the way down to daily operations. and how to leverage #BAS to empower detection engineers to be more accurate and more efficient in our webinar. Find the link in the thread.

1
0
2
0
68
chrissanders88's profile picture. Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Chris Sanders 🔎 🧠
@chrissanders88
١٩ يوليو ٢٠٢٣ م

I’m excited to launch our latest online course, YARA for Security Analysts. We built this course for people who want to learn to write YARA rules for detection engineering, system triage, incident response, and threat intel research. #Yara #DetectionEngineering #DFIR #Malware

chrissanders88's tweet image. I’m excited to launch our latest online course, YARA for Security Analysts. We built this course for people who want to learn to write YARA rules for detection engineering, system triage, incident response, and threat intel research. #Yara #DetectionEngineering #DFIR #Malware
6
163
627
241
148ألف
cyb3rops's profile picture. Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Florian Roth ⚡️
@cyb3rops
٦ أكتوبر ٢٠٢٤ م

What people often overlook in #DetectionEngineering is that there’s no "one-size-fits-all" rule to detect a threat. It depends on your goals. How specific should the rule be? Are you tracking a threat actor, detecting the tool/malware, or focusing on the technique? Should it be…

cyb3rops's tweet image. What people often overlook in #DetectionEngineering is that there’s no "one-size-fits-all" rule to detect a threat. It depends on your goals. How specific should the rule be? Are you tracking a threat actor, detecting the tool/malware, or focusing on the technique? Should it be…
7
127
522
244
40ألف
OliviaGalluccii's profile picture. Security @ Datadog | MacOS Internals  | #FOSS Advocate | Opinions ≠ Employer | @intelligentCTF @oghealthfitness | RIT | Prev. Apple, SECUINFRA, US Govt
Olivia Gallucci ✨
@OliviaGalluccii
١٧ سبتمبرم

I'm thrilled to announce I'll be giving a *secret* macOS detection engineering talk at the 1st Spraw, a new NYC security meetup! Hope to see you there! 😄 📅 Date: 2 October 2025 🎟️ Registration: sprawl.nyc #InfoSec #NYC #DetectionEngineering

OliviaGalluccii's tweet image. I'm thrilled to announce I'll be giving a *secret* macOS detection engineering talk at the 1st Spraw, a new NYC security meetup! Hope to see you there! 😄 📅 Date: 2 October 2025 🎟️ Registration: sprawl.nyc #InfoSec #NYC #DetectionEngineering
1
11
84
13
11ألف
ShanHolo's profile picture. Another blue team member…..#CSIRT #DFIR #Malware #4n6 #ThreatIntel and following the white rabbit...
Shanholo
 @ShanHolo
٥ أكتوبرم

🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and execute a few runtimes⤵️

ShanHolo's tweet image. 🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and execute a few runtimes⤵️
ShanHolo's tweet image. 🚨#Opendir #Malware🚨 🧵1 hxxps://tiger-checkout-draws-basketball.trycloudflare.com/ It's a nice time to learn how some TAs carry out their TTPs and at once invest time in #DetectionEngineering ☣️📸tp.bat➡️f136138d2e16aad30f27c6f30742dd7b Drops and execute a few runtimes⤵️
1
3
16
2
2ألف
ACEResponder's profile picture. Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
ACE Responder
@ACEResponder
٣ مايو ٢٠٢٣ م

New module is up on aceresponder.com - UAC Bypasses! Gain valuable experience investigating a variety of UAC bypasses. Come level up with us! #ThreatHunting #DetectionEngineering

ACEResponder's tweet image. New module is up on aceresponder.com - UAC Bypasses! Gain valuable experience investigating a variety of UAC bypasses. Come level up with us! #ThreatHunting #DetectionEngineering
0
26
89
16
10ألف
ACEResponder's profile picture. Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
ACE Responder
@ACEResponder
٢٠ مايو ٢٠٢٣ م

🚨New Module on ACEResponder.com! Want to get started with detection engineering? Why not jump in and build some?🕵️‍♂️🔎 In this module we cover the core principles and put them to use making kerberoasting detections. Let's do it! #DetectionEngineering #DFIR

ACEResponder's tweet image. 🚨New Module on ACEResponder.com! Want to get started with detection engineering? Why not jump in and build some?🕵️‍♂️🔎 In this module we cover the core principles and put them to use making kerberoasting detections. Let's do it! #DetectionEngineering #DFIR
2
29
121
45
15ألف
ACEResponder's profile picture. Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
ACE Responder
@ACEResponder
١٢ مارس ٢٠٢٣ م

🚨New Detection Engineering Challenge on ACEResponder.com You're tasked with creating a detection to uncover any residual presence following a high-impact intrusion. Can you build a performant detection for a stealthy Cobalt Strike beacon? #DetectionEngineering #DFIR

ACEResponder's tweet image. 🚨New Detection Engineering Challenge on ACEResponder.com You're tasked with creating a detection to uncover any residual presence following a high-impact intrusion. Can you build a performant detection for a stealthy Cobalt Strike beacon? #DetectionEngineering #DFIR
1
15
39
12
8ألف
br0k3ns0und's profile picture. detection engineering @ S1 | security research | former @elastic/@elasticseclabs @endgameinc etc. | bench press: 455lbs & 📈 | I like my own tweets
Justin Ibarra
@br0k3ns0und
١٧ أكتوبر ٢٠٢٤ م

We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering

br0k3ns0und's tweet image. We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
br0k3ns0und's tweet image. We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
br0k3ns0und's tweet image. We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
١٧ أكتوبر ٢٠٢٤ م

Threat hunting just got easier! This new repo of detection rules is crafted by our veteran detection engineers and powered by different Elastic query languages. Get the details of what’s included and see the future of this repo here: go.es.io/4h2JsTX #ElasticSecurityLabs

elasticseclabs's tweet card. Elastic is releasing a threat hunting package designed to aid defenders with proactive detection queries to identify actor-agnostic intrusions.
Elevate Your Threat Hunting with Elastic — Elastic Security Labs
المصدر: elastic.co
0
44
145
100
62ألف
5
85
349
224
38ألف
Cyb3rMonk's profile picture. https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Mehmet Ergene
@Cyb3rMonk
٢٩ يوليوم

🚨Bad news for defenders, good news for red teamers: Linkable token identifiers in Entra ID are useful only in an AiTM scenario. Doesn't even cover Device Code Phishing. Blog soon. #ThreatHunting #DetectionEngineering #redteam

Cyb3rMonk's tweet image. 🚨Bad news for defenders, good news for red teamers: Linkable token identifiers in Entra ID are useful only in an AiTM scenario. Doesn't even cover Device Code Phishing. Blog soon. #ThreatHunting #DetectionEngineering #redteam
4
19
103
69
8ألف
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
٥ يونيوم

In May, #ElasticSecurityLabs published 52 new rules! Take a look at the overview and learn how we manage these rulesets: go.es.io/45JHiVR #detectionengineering #SIEM #EDR

elasticseclabs's tweet image. In May, #ElasticSecurityLabs published 52 new rules! Take a look at the overview and learn how we manage these rulesets: go.es.io/45JHiVR #detectionengineering #SIEM #EDR
1
16
82
30
3ألف
_josehelps's profile picture. 🛡️ Threat Research Director @Splunk ❤️ Scuba Diving 🔧 Maintainer of #AtomicRedTeam #LOLDRIVERS #LOLRMM #LOLBAS
Jose Enrique Hernandez
@_josehelps
٣٠ أكتوبر ٢٠٢٣ م

😁So excited about the improvements and upgrades open-source projects like atomicredteam.io and sigmahq.io are going through to bring 🛡️#DetectionEngineering capabilities to everyone! @nas_bench and @cyb3rbuff your impact has been on 🔥

_josehelps's tweet image. 😁So excited about the improvements and upgrades open-source projects like atomicredteam.io and sigmahq.io are going through to bring 🛡️#DetectionEngineering capabilities to everyone! @nas_bench and @cyb3rbuff your impact has been on 🔥
0
14
83
24
8ألف
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
١٠ أبريلم

In March, #ElasticSecurityLabs published 67 new rules! Take a look at the overview, or check out our entire library of protections here: go.es.io/42qPQhc #detectionengineering #SIEM #EDR

elasticseclabs's tweet image. In March, #ElasticSecurityLabs published 67 new rules! Take a look at the overview, or check out our entire library of protections here: go.es.io/42qPQhc #detectionengineering #SIEM #EDR
0
19
59
16
2ألف
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
٤ أبريلم

Starting soon! A @BsidesOK presentation from @stryker0x on the interception of #genai and #detectionengineering. If you’re in the Sooner State, be sure to join them in the South room: go.es.io/4i6nqPo

elasticseclabs's tweet image. Starting soon! A @BsidesOK presentation from @stryker0x on the interception of #genai and #detectionengineering. If you’re in the Sooner State, be sure to join them in the South room: go.es.io/4i6nqPo
10
2
13
1
760
blueteamsec1's profile picture. The cybersecurity home for the latest #BlueTeam, #DFIR, and #ThreatHunting news and tools.
Blue Team News
@blueteamsec1
١١ سبتمبر ٢٠٢٣ م

NixImports - A .NET Malware Loader, Using API-Hashing To Evade Static Analysis #DetectionEngineering #Dynamic #Hashes #Malware dlvr.it/SvyR4l

blueteamsec1's tweet image. NixImports - A .NET Malware Loader, Using API-Hashing To Evade Static Analysis #DetectionEngineering #Dynamic #Hashes #Malware dlvr.it/SvyR4l
0
17
26
4
5ألف
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
٢ ينايرم

We're starting 2025 strong. Join us on January 14th for Detection Engineering with the Elastic Global Threat Report, a new webinar from @RFGroenewoud and @_w0rk3r focused on leveling your #detectionengineering in the new year. Get the details: go.es.io/4gASJSe

elasticseclabs's tweet image. We're starting 2025 strong. Join us on January 14th for Detection Engineering with the Elastic Global Threat Report, a new webinar from @RFGroenewoud and @_w0rk3r focused on leveling your #detectionengineering in the new year. Get the details: go.es.io/4gASJSe
0
7
34
11
2ألف
elasticseclabs's profile picture. Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Elastic Security Labs
@elasticseclabs
٢٤ أبريلم

You can access our #detectionengineering repos, but how about a closer look? The 2025 State of Detection Engineering at Elastic is a new #report from #ElasticSecurityLabs detailing how we create and assess our prebuilt rules. Check it out: go.es.io/4jnrXhA

elasticseclabs's tweet image. You can access our #detectionengineering repos, but how about a closer look? The 2025 State of Detection Engineering at Elastic is a new #report from #ElasticSecurityLabs detailing how we create and assess our prebuilt rules. Check it out: go.es.io/4jnrXhA
0
22
65
23
4ألف

Something went wrong.


Something went wrong.


United States Trends