All Posts
An Object-Oriented Approach to Threat Detection Engineering
I explore my thoughts around applying an object-oriented approach to threat detection engineering, inspired by my software engineering experience at an industrial company.
Introducing LOOBins
I introduce my new project, Living Off the Orchard: macOS Binaries (LOOBins), aimed at assisting cybersecurity professionals in understanding the potential malicious uses of various macOS binaries.
GPT-4 Assisted Detection Engineering
I explore and discuss the potential of leveraging GPT-4 for detection engineering in cybersecurity.
Practical Detection-as-Code
I walk through a practical approach on how to deploy a Detection-as-Code pipeline using Sigma rules, GitLab CI/CD, and Splunk.
The Language of Threat Detection
I lay out my personal definitions of the various terms used throughout threat detection engineering.
Building a Serverless Detection Platform in AWS
I describe how to build out a big-data-based detection and response system using the various serverless technologies available in Amazon Web Services (AWS).