🔍 Detection Engineering - buckman

🔐Infosec Blog

cloud.google.com·

UK Cybercrime Journal: Arup Group Breached by FulcrumSec

🔐Infosec Blog

blog.bushidotoken.net··Blogger

How Blue Teams Use Sniffnet for Threat Hunting and Incident Response

🚨Incident Response Blog

medium.com

supunhg/filo-go: High-performance file forensics and digital intelligence platform written in Go.

🌐Open Source Code

github.com··DEV

EventSentry 6.0: Azure logs, Sigma rules, OAuth, and log signing

🛡️Sigma Rules

4sysops.com·

Learn Threat Hunting for Free: Hands-On Labs in a Real Elastic SIEM

🔎threat hunting Blog

medium.com

The Glitch in the Code: Trapping AC Between the SIEM and the Wire

🦠Malware Analysis Blog

medium.com

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting

🔎threat hunting Blog

blog.talosintelligence.com·

The SIEM Isn't Dying. Its Job Is Splitting in Two.

🚨Incident Response Blog

dev.to··DEV

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

🚨Incident Response

thehackernews.com·

dougburks/ohmypcap: OhMyPCAP is a FOSS web application for analyzing PCAP files using Suricata and other files using YARA. View network alerts and file alerts, browse network metadata (DNS, HTTP, TLS, flows), extract ASCII transcripts, view per-packet hexdumps, and carve individual streams.

📦Containerization Code

github.com·

Soap Box: Detection and response in the AI age

🚨Incident Response

risky.biz·

TryHackMe — Boogeyman 3 — Analysis With Splunk

👁️SIEM Evasion Blog

medium.com

How to Detect C2 Beaconing in Elastic SIEM with ES|QL

🔒Information Security Blog

medium.com

Agentic SOCs: The public sector’s new AI cybersecurity defense

💻WMI Abuse Blog

elastic.co·

detflow: A Detection-Engineering Copilot You Can pip install

💬NLP Blog

dev.to··DEV

ThreatWire: A Python Library for Real-Time Network Threat Detection.

💻WMI Abuse Blog

dev.to··DEV

Winning the cyber marathon with Tony Giandomenico

🔎threat hunting Blog

blog.talosintelligence.com·

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting

🔎threat hunting

malware.news·

No more posts from buckman's subscribed feeds.

Scour all 25255 feeds Learn more about Feeds

Automating Threat Hunts: Building a SOC on a Startup Budget

Detecting and containing AI-powered threats with Google Security Operations agents

UK Cybercrime Journal: Arup Group Breached by FulcrumSec

How Blue Teams Use Sniffnet for Threat Hunting and Incident Response

supunhg/filo-go: High-performance file forensics and digital intelligence platform written in Go.

EventSentry 6.0: Azure logs, Sigma rules, OAuth, and log signing

Learn Threat Hunting for Free: Hands-On Labs in a Real Elastic SIEM

The Glitch in the Code: Trapping AC Between the SIEM and the Wire

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting

The SIEM Isn't Dying. Its Job Is Splitting in Two.

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

dougburks/ohmypcap: OhMyPCAP is a FOSS web application for analyzing PCAP files using Suricata and other files using YARA. View network alerts and file alerts, browse network metadata (DNS, HTTP, TLS, flows), extract ASCII transcripts, view per-packet hexdumps, and carve individual streams.

Soap Box: Detection and response in the AI age

TryHackMe — Boogeyman 3 — Analysis With Splunk

How to Detect C2 Beaconing in Elastic SIEM with ES|QL

Agentic SOCs: The public sector’s new AI cybersecurity defense

detflow: A Detection-Engineering Copilot You Can pip install

ThreatWire: A Python Library for Real-Time Network Threat Detection.

Winning the cyber marathon with Tony Giandomenico

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting