All Posts

An Object-Oriented Approach to Threat Detection Engineering

I explore my thoughts around applying an object-oriented approach to threat detection engineering, inspired by my software engineering experience at an industrial company.

Introducing LOOBins

I introduce my new project, Living Off the Orchard: macOS Binaries (LOOBins), aimed at assisting cybersecurity professionals in understanding the potential malicious uses of various macOS binaries.

GPT-4 Assisted Detection Engineering

I explore and discuss the potential of leveraging GPT-4 for detection engineering in cybersecurity.

Practical Detection-as-Code

I walk through a practical approach to deploying a Detection-as-Code pipeline using Sigma rules, GitLab CI/CD, and Splunk.

The Language of Threat Detection

I lay out my personal definitions of the various terms used throughout threat detection engineering.

Building a Serverless Detection Platform in AWS

I describe how to build out a big-data-based detection and response system using the various serverless technologies available in Amazon Web Services (AWS).