RT @br0k3ns0und: Was chatting with @brent_murphy about detection engineering practices at S1 and it was awesome to hear that they leverage…

@br0k3ns0und Love those resources!

RT @SentinelOne: 🔥 🟣 Purple AI is here and now generally available! To learn more about the industry’s leading AI security analyst, watch t…

RT @br0k3ns0und: I have been working on a pretty extensive detection engineering series for a while now. I wanted to start sharing some tid…

Hope this helps!

@theITMagician @techspence Todyl

@HackingLZ If your vendor taps into the Threat-Intelligence ETW provider, you can grab some of those lower-level API calls and alert on them.

@bettersafetynet @todylprotection

Check out Part 2 of our blog on #XWorm v4.0 where we break down the .NET Loader

We recently uncovered an attack leveraging the most recent version of #XWorm malware. Check out our blog covering the multiple layers of file #obfuscation and our analysis on how to decode. #DetectionEngineering #FileDeobfuscation #Cybersecurity #Todyl

@424f424f @ippsec *ML node

Some external indicators from @GreyNoiseIO as well

@thewebvy @_JohnHammond thanks, didn't see that one!