By This Author
Safely validate executable file attributes with Atomic Test Harnesses
September 28, 2023
Testing and validation
When MFA isn’t an option: The legacy of ROPC
June 14, 2023
Microsoft
Better know a data source: Antimalware Scan Interface
January 12, 2022
Threat detection
Better know a data source: Process command line
October 20, 2021
Threat detection
Steering clear of bad drivers: How to apply Microsoft’s recommended driver block rules
September 2, 2021
Threat detection
The adversary’s gift: When one technique opens a Pandora’s box
July 28, 2021
Linux security
Diary of a Detection Engineer: Babysitting child processes
June 16, 2021
Threat detection
Tales from decrypt: Differentiating decryptors from ransomware
May 20, 2021
Threat detection