By This Author
Better know a data source: Antimalware Scan Interface
January 12, 2022
Threat detection
Better know a data source: Process command line
October 20, 2021
Threat detection
Steering clear of bad drivers: How to apply Microsoft’s recommended driver block rules
September 2, 2021
Threat detection
The adversary’s gift: When one technique opens a Pandora’s box
July 28, 2021
Linux security
Diary of a Detection Engineer: Babysitting child processes
June 16, 2021
Threat detection
Tales from decrypt: Differentiating decryptors from ransomware
May 20, 2021
Threat detection
Does signed mean trusted? The Mimikatz dilemma
April 28, 2021
Threat detection
The why, what, and how of threat research
December 8, 2020
Threat detection