Detection Engineer

Justin Schoenfeld

Justin works on the Detection Engineering team, which is responsible for threat detection and intelligence research. He gained his B.A. in Computing Security from the Rochester Institute of Technology, where he had the opportunity to co-op for a large corporation and a startup company. His love for endpoint telemetry came from his experience as an advanced threat engineer for a large global hospitality company. Justin is experienced in threat hunting, incident response, and researching industry-wide threat intelligence.
 
Remote access tool or trojan? How to detect misbehaving RATs
 
Rclone Wars: Transferring leverage in a ransomware attack
 
Catch me if you code: how to detect process masquerading
 
Expediting false positive identification with string comparison algorithms
 
How the OODA Loop Can Help Improve Detection Speed and Accuracy