By This Author
When MFA isn’t an option: The legacy of ROPC
June 14, 2023
Microsoft
Better know a data source: Antimalware Scan Interface
January 12, 2022
Threat detection
Better know a data source: Process command line
October 20, 2021
Threat detection
Steering clear of bad drivers: How to apply Microsoft’s recommended driver block rules
September 2, 2021
Threat detection
The adversary’s gift: When one technique opens a Pandora’s box
July 28, 2021
Linux security
Diary of a Detection Engineer: Babysitting child processes
June 16, 2021
Threat detection
Tales from decrypt: Differentiating decryptors from ransomware
May 20, 2021
Threat detection
Does signed mean trusted? The Mimikatz dilemma
April 28, 2021
Threat detection