Director, Threat Research

Matt Graeber

Matt has worked the majority of his security career in offense, facilitating his application of an attacker’s mindset to detection engineering which involves developing detection evasion strategies. By pointing out gaps in detection coverage, Matt is able to effectively offer actionable detection improvement guidance. Matt loves to apply his reverse engineering skills to understand attack techniques at a deeper level in order to more confidently contextualize them, understand relevant detection optics, and to understand the workflow attackers use to evade security controls. Matt is committed to making security research both accessible and actionable.

By This Author

Artificial authentication: Understanding and observing Azure OpenAI abuse

October 30, 2024

Threat detection

Artificial authentication: Understanding and observing Azure OpenAI abuse

Safely validate executable file attributes with Atomic Test Harnesses

September 28, 2023

Safely validate executable file attributes with Atomic Test Harnesses

When MFA isn’t an option: The legacy of ROPC

June 14, 2023

When MFA isn’t an option: The legacy of ROPC

Better know a data source: Antimalware Scan Interface

January 12, 2022

Threat detection

Better know a data source: Antimalware Scan Interface

Better know a data source: Process command line

October 20, 2021

Threat detection

Better know a data source: Process command line

Steering clear of bad drivers: How to apply Microsoft’s recommended driver block rules

September 2, 2021

Threat detection

Steering clear of bad drivers: How to apply Microsoft’s recommended driver block rules

The adversary’s gift: When one technique opens a Pandora’s box

July 28, 2021

The adversary’s gift: When one technique opens a Pandora’s box

Diary of a Detection Engineer: Babysitting child processes

June 16, 2021

Threat detection

Diary of a Detection Engineer: Babysitting child processes

Back to Top