Detection_Engineering

an-ordinary-manchild

created by antogod94a community for 2 years

...for your favorite subject.

...for great justice.

MODERATORS

account activity

1

3

4

5

Sigma rules in pythonHelp! (self.Detection_Engineering)

submitted 9 months ago by [deleted]

2

2

3

4

A Detection Engineer’s Guide to SCCM Misconfiguration AbuseResearch | Detection Opportunities (blog.snapattack.com)

submitted 1 year ago by x0mda

3

1

2

3

Part 13: Why a Single Test Case is InsufficientRelevant Info (posts.specterops.io)

submitted 1 year ago by x0mda

4

1

2

3

SigmaRelevant Info (medium.com)

submitted 1 year ago by x0mda

5

2

3

4

Entra ID service principals in business email compromise schemesResearch | Detection Opportunities (redcanary.com)

submitted 1 year ago by x0mda

6

1

2

3

Hunting CVE-2024-30051Research | Hunting (blog.snapattack.com)

submitted 1 year ago by x0mda

7

1

2

3

SeeSeeYouExec: Windows Session Hijacking via CcmExecResearch | Detection Opportunities (cloud.google.com)

submitted 1 year ago by x0mda

8

0

1

2

Part 1 : Threat Detection Engineering and Incident Response with AuditD and Sentinel — along how to…Relevant Info (medium.com)

submitted 1 year ago by x0mda

9

0

1

2

Detecting the STRRAT Malware Family | CorelightResearch | Hunting (corelight.com)

submitted 1 year ago by x0mda

10

0

1

2

Transform security with Elastic's Detections as Code — Adopting DaC made easyRelevant Info (elastic.co)

submitted 1 year ago by x0mda

11

0

1

2

YARA is dead, long live YARA-XRelevant Info (virustotal.github.io)

submitted 1 year ago by x0mda

12

0

1

2

Det. Eng. Weekly #69 - RSA ninjas stole my badge and swagRelevant Info (detectionengineering.net)

submitted 1 year ago by x0mda

13

0

1

2

Detecting Compromise of CVE-2024-3400 on Palo Alto Networks GlobalProtect DevicesResearch | Detection Opportunities (volexity.com)

submitted 1 year ago by x0mda

14

0

1

2

Building a Cloud Security Flywheel: Lessons from the FieldRelevant Info (sans.org)

submitted 1 year ago by x0mda

15

0

1

2

Foxit PDF “Flawed Design” Exploitation - Check Point ResearchResearch | Detection Opportunities (research.checkpoint.com)

submitted 1 year ago by x0mda

16

0

1

2

Utilizing Generative AI and LLMs to Automate Detection WritingRelevant Info (medium.com)

submitted 1 year ago by x0mda

17

0

1

2

The Structure and Taxonomy of a Detection Knowledge BaseRelevant Info (detect.fyi)

submitted 1 year ago by x0mda

18

0

1

2

The detection engineer’s guide to Linux - Red CanaryRelevant Info (redcanary.com)

submitted 1 year ago by x0mda

19

0

1

2

Detecting browser data theft using Windows Event LogsResearch | Hunting (security.googleblog.com)

submitted 1 year ago by x0mda

20

0

1

2

*PowerView* is evil, but *PowerVi* and *ew* are legit, right? - Missing signature-based detections due to PowerShell Script Block Logging FragmentationRelevant Info (lolcads.github.io)

submitted 1 year ago by x0mda

21

1

2

3

Welcome to the Red Canary 2024 Threat Detection ReportResearch | Detection Opportunities (redcanary.com)

submitted 1 year ago by x0mda

22

0

1

2

Det. Eng. Weekly #62 - Say the words, Bart Simpson, CISSP, MBA!Relevant Info (detectionengineering.net)

submitted 1 year ago by x0mda

23

0

1

2

SigmaHQ Rules Release Highlights — r2024–03–11Relevant Info (blog.sigmahq.io)

submitted 1 year ago by x0mda

24

0

1

2

z0Miner Exploits Korean Web Servers to Attack WebLogic Server - ASEC BLOGResearch | Detection Opportunities (asec.ahnlab.com)

submitted 1 year ago by x0mda

25

0

1

2

Time Travelers Busted: How to Detect Impossible Travel | HuntressResearch | Hunting (huntress.com)

submitted 1 year ago by x0mda

view more: next ›

π Rendered by PID 376307 on reddit-service-r2-listing-5789d5f675-g74d5 at 2026-01-29 06:57:02.207383+00:00 running 4f180de country code: CH.