Threat Hunting vs Detection Engineering? The saga continues ⛵
I see a lot of people trying to make sense of the roles they occupy in the cyber defence world.
The Uncertainty of Intelligence and the Entropy of Threats
In Part 2 of this series, we will explore the dimensions of information uncertainty, entropy and negentropy, superlinear defence-in-depth, latent space and threat intelligence as a decoding device for time-bound information.
The Problem of Why: Threat-Informed Prioritization in Security Operations. Part 1.
What does it mean to be threat-informed when it comes to Cyber Defence?
It is one of those classic tough
The Threat Hunting Pipeline
Ahoy fellow Cyberscouts! It's been a couple of weeks since our last encounter when I introduced an
Citrix Netscaler CVE-2023-3519 Hunt Mission Plan
Hello everyone, it would seem that time has gone quite fast and my temporal abilities to navigate the
The Journeys of a Cyberscout
We live in an economy of distraction. In this era of fabricated intelligence, attention-sucking digital vampires, calculated buzzwords, over-optimization of every aspect of life, and the mindless echoing of information we call "news", there is little room for creative reflection and quiet pondering.
The Threat Hunting Shift. Part 4: Adversarial Framework for Tactical Cyber Defense Operations II
Continuing from Threat Hunting Shift Part 3, we will now introduce the Defend and Design domains. So without further ado,
The Threat Hunting Shift. Part 3: Adversarial Framework for Tactical Cyber Defense Operations I
The Active Defence Adversarial Cyber Operations Framework, or ADACOP, is a framework for sense-making and understanding the relationships between the different domains of active defence. ADACOP describes four tactical domains, namely: Design, Discover, Disrupt and Defend.
The Threat Hunting Shift. Part 2: The Way of the Intercepting Fist II
We discuss Active Defense, moving beyond a passive approach to detection. How can we intentionally shape threat actor behavior via Controlled Attack Paths and Cyber Deception? Defenders inadvertently influence attackers by the way they configure layered defenses, impacting attack preferences.
The Threat Hunting Shift. Part 1: The Way of the Intercepting Fist I
While Threat Hunting is commonly seen as proactive threat detection, we propose a broader approach through the lens of Active Defense. This involves intercepting and disrupting adversaries with the goal of actively shaping attacker behavior rather than relying solely on detection.