Andy Rector @DetectorRector
Detection Lead @ Mandiant Managed Defense / Former IR Consultant @mandiant. Tier 3 Hipster; I came in like a #WrectorBall San Francisco, CA Joined July 2012-
Tweets319
-
Followers1K
-
Following400
-
Likes1K
Great cross team collaboration across Google Cloud to get this service off the ground. Let's find some evil!
Great cross team collaboration across Google Cloud to get this service off the ground. Let's find some evil!
0
18
44
8K
4
Andy Rector retweeted
I’m proud to present ProtoBurp, a new Burp Suite extension to help encode and fuzz Protobuf messages based on pain points with existing tooling. Check out my latest blog post about it! dillonfrankesecurity.com/posts/protobur… #pentesting #burpsuite #protobuf #offsec
I don't feel like this is the right question. Threat hunting is a function of detection engineering, where detections are being tested and matched against customer telemetry. If not matches, no additional work. The question we should be asking is what is the service hunting for?
I don't feel like this is the right question. Threat hunting is a function of detection engineering, where detections are being tested and matched against customer telemetry. If not matches, no additional work. The question we should be asking is what is the service hunting for?
Question for Threat Intelligence Analysts, and SOC alike... would you consider Detection Rules Threat Intel? Curious on the perspective of consumers of DE content whether or not Detection Rules should be considered Threat Intelligence or not.
Strong agreement here. Detection Engineering is an exercise in labeling and classifying security relevant data. FP reduction is critically important in reducing alert fatigue, but the opportunity to tune comes directly from SOC dispositions. It's the best feedback loop you have
If you're in the Detection Engineering space, come watch @FryGuy2600 and I geek out on all things DE. We have the following planned: 1️⃣ Establish what DE is and isn't 2️⃣ Details on the DE process from a practitioners perspective 3️⃣ DE Maturity model 4️⃣ Measuring success 🎯🎯🎯
If you're in the Detection Engineering space, come watch @FryGuy2600 and I geek out on all things DE. We have the following planned: 1️⃣ Establish what DE is and isn't 2️⃣ Details on the DE process from a practitioners perspective 3️⃣ DE Maturity model 4️⃣ Measuring success 🎯🎯🎯
Detection Engineers, is DE Ops only for Vendors/MSSPs/MDRs or should it be something that corporations should pursue too? Curious on your thoughts!
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
Tyler McLellan @tylabs
3K Followers 588 Following Intrusion aficionado. @Google/@Mandiant Advanced Practices
Steve YARA Synapse Mi... @stvemillertime
17K Followers 1K Following threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
Samir @SBousseaden
25K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Dan Perez @MrDanPerez
4K Followers 1K Following 🇨🇳Mission TL @Google | #Malware Naming Wizard | #Attribution Connoisseur | All tweets are my own. #ThreatIntel #APT
Daniel Bohannon @danielhbohannon
18K Followers 582 Following Security Researcher @permisosecurity Previously: @Mandiant/@FireEye, @Microsoft Developer: Invoke-(Obfuscation|CradleCrafter|DOSfuscation) & Revoke-Obfuscation
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Christopher Peacock @SecurePeacock
7K Followers 2K Following #PurpleTeam | Ex @RaytheonTech MSSP, @SCYTHE_IO, & @GD_OTS | Taught at BlackHat & DEFCON | #100DaysofSigma | Keep exploring, keep learning, and stay curious
Mehmet Ergene @Cyb3rMonk
13K Followers 437 Following https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Van @Wanna_VanTa
4K Followers 393 Following Research & Discovery Lead @Mandiant @googlecloud Specialties: researching adversary tradecraft, hardstuck masters TFT, and losing sneaker raffles.
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Aaron Stephens @x04steve
3K Followers 524 Following
💻 Sherrod DeGrippo... @sherrod_im
36K Followers 7K Following Weird security voyeur. Vibe merchant. CISO of your 🩷 Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast. I like crime actors.
Gigs @ Shmoo @Gigs_Security
2K Followers 725 Following not aspiring to be humble▪️ #AdvancedPractices🦅 ▪️Thoughts are my own ▪️She|Her|Gigs
Matthew @embee_research
14K Followers 2K Following Security Researcher, Creating and Sharing Educational Content.
Adam Slowik @omnitheon
200 Followers 2K Following Offensive Security / Threathunter / Detection Engineer / @CDMDepaul and @NationalCCDC Alum
Foeewor @Foeewor6563
47 Followers 2K Following
Doeekarg @Doeekarg114587
21 Followers 694 Following
Yeom Jihun @jihun_yeom5653
1 Followers 13 Following
Lil Bindle @YungBindlestiff
125 Followers 3K Following
Cyber Albatros @TheBlueAlbatros
0 Followers 3K Following
David Tocco @dtocco
20 Followers 240 Following
Darjui @Darjui737011
12 Followers 1K Following
Dave Atkinson @dave_senseon
306 Followers 4K Following Founder @SenseonTech | Simplifying cybersecurity with AI | Leadership, risk reduction & efficiency | Big problems need bold solutions.
JuanUP @JuanUP3rez
1 Followers 94 Following
Stephen Demjanenko @sdemjanenko
435 Followers 1K Following Builder, Climate same denier, Calling people on their hypocrisy and self-serving statements | ex Permiso, Meraki
Pat @pateyrotich
1K Followers 2K Following Cyber defenderat a telco, founding member @shehacks_ke, feminist
S Free @misenus42
10 Followers 840 Following
77♠️♦️ @_A77Cryp4c3
31 Followers 1K Following #Я не существую в вашем мире. Прокси, замаскированный, исчезнувший. ☠️ Призрак в системе #77
Maja @LeschMarcu64276
52 Followers 2K Following
Kate @Katejrjr26
120 Followers 2K Following Swing trading for a living 💻 Analyzing charts and market data 📊 Sharing technical analysis and trading insights 📉 Learning from successful traders
7up4 @7up47
0 Followers 143 Following
Ewerton @ewerton_af
77 Followers 464 Following
Beralnie @Beralnie26969
24 Followers 2K Following
John @John0545351083
2 Followers 445 Following
Qaugom @Qaugom209
37 Followers 2K Following
St0pp3r @_st0pp3r_
223 Followers 261 Following Detection Engineering · Threat Hunting · Incident Response
🥷Ninjutsu Project @ninjutsu_os
3K Followers 1K Following Senior Cybersecurity Consultant | 🔴 #RedTeamer | ⚔ #OffSec 💻 Web/Mobile #Pentester | 🛡 #Ninjutsu Project | 📢 Retweeter of #Infosec #Offsec #RedTeam
Alice MAGA @hwangmimiy
751 Followers 2K Following 🇺🇸 # TRUMP2024 🇺🇸 # MAGA 💰 Pro - Life 👶 🩷 Drill baby Drill 💰 Close the border 🚫 Two genders ♀ ♂
abhimanyu iyer @abhinahii
55 Followers 440 Following info sec engineer. motivated. always learning. willing to succeed. constantly developing. forever improving.
Richard Ackroyd @rfackroyd
823 Followers 804 Following Cyber Security | Staff Security Engineer @Ripple (fintech/crypto) | Specialised in Detection & Response 🦈 Ex @PwC
Tarethue @Tarethuep1jj0
23 Followers 848 Following
jpg_lab @jpg_lab
4 Followers 49 Following
nanjin002 @nanjin00272827
21 Followers 4K Following
Bwing @Bwing4for
4 Followers 788 Following
Takayama612 @unknown68082
0 Followers 29 Following
🚨 The Most Exploit... @MostExploited
77 Followers 384 Following 🔍| Unveiling PoC exploits, zero-days & CVE insights | Shedding light on ransomware groups, cyber news & The Most Exploited CVEs
Lexie Aytes @cybseclex
86 Followers 409 Following Threat Researcher @ Google/Mandiant | just here for the memes | opinions are my own
Shina Mashiro @ShiinaaM
402 Followers 3K Following Microsoft Sentinel Enthusiast | 4n6 Investigator | Cloud Security | 🇮🇩 S.Kom
Scott Meunier @lsutygrs
13 Followers 252 Following
USER04725852 @user04725841960
0 Followers 3K Following
sky @0x0aSky
196 Followers 2K Following French CTI analyst. My interests, OSINT, CTI, IR, forensics and new technologies. Opinions are my own.
Naman Devnani @naman_devnani
419 Followers 7K Following Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDE | COL
Cryptanalyst @Cryptanalyst19
389 Followers 4K Following Exploit writer, Threat Intel and a crypto guy.
seantelligence @niksadecimal
408 Followers 955 Following intel nerd & admitted tech idiot. tier 6 memes only. rambles about security and stuff. ridin w/ no tint so mf-ers know it's me. army vet. human rights ally.
Ron Brash @ron_brash
1K Followers 975 Following ICS/embedded and cybersecurity researcher, water sports fanatic, chihuahua owner, maintainer of things, and sharer of knowledge.
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Kostas @Kostastsale
18K Followers 367 Following @TheDFIRReport | No longer active here – find me on Bluesky: https://t.co/qHzDSxCRfG. 🇬🇷🇨🇦
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Steve YARA Synapse Mi... @stvemillertime
17K Followers 1K Following threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
Samir @SBousseaden
25K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
Chris Sanders 🔎 �... @chrissanders88
34K Followers 489 Following Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Dan Perez @MrDanPerez
4K Followers 1K Following 🇨🇳Mission TL @Google | #Malware Naming Wizard | #Attribution Connoisseur | All tweets are my own. #ThreatIntel #APT
Daniel Bohannon @danielhbohannon
18K Followers 582 Following Security Researcher @permisosecurity Previously: @Mandiant/@FireEye, @Microsoft Developer: Invoke-(Obfuscation|CradleCrafter|DOSfuscation) & Revoke-Obfuscation
4n6lady @4n6lady
62K Followers 669 Following #DFIR & #BlueTeam | IR & Threat Detection | #OSINT enthusiast | waiting for HL3 | AWS CIRT - my views are my own
Thomas Roccia 🤘 @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Mehmet Ergene @Cyb3rMonk
13K Followers 437 Following https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Ali Hadi | B!n@ry @binaryz0ne
33K Followers 565 Following DFIR and Adversary Simulation | DFIR @ ProtonMail
Van @Wanna_VanTa
4K Followers 393 Following Research & Discovery Lead @Mandiant @googlecloud Specialties: researching adversary tradecraft, hardstuck masters TFT, and losing sneaker raffles.
François Chollet @fchollet
572K Followers 813 Following Co-founder @ndea. Co-founder @arcprize. Creator of Keras and ARC-AGI. Author of 'Deep Learning with Python'.
BrokeAssStuart @BrokeAssStuart
32K Followers 2K Following TV Host. Travel Writer. Former Mayoral Candidate. Top 20 accounts in SF (Buzzfeed) Best email list ever: https://t.co/I4thf8Zrhg (He/Him)
Omer Baig @obaig11
203 Followers 585 Following NFL, Cyber Security & #DFIR Enthusiast. Opinions expressed are mine, mine to me.
Mark Karayan @Mgkarayan
967 Followers 4K Following @googlecloud Threat Intel Comms Lead. I don't want to sell anything, buy anything, or process anything as a career. @markkarayan.bsky.social
arb0ur @arb0ur
348 Followers 1K Following
valencia4people @valencia4people
635 Followers 164 Following From Market to Cesar Chavez, bursting with @SharedSpacesSF flavor & fun, longing to shed motor vehicles and become “Valencia For The People” 📷 @irapolis
Luke Bornheimer (Stre... @LukeBornheimer
4K Followers 1K Following Executive Director @StreetsForward. Organizer and sustainable transportation advocate. Lead @SFBikeBus @NTORsf @eBikeSF; Board @GreatHwyPark. #BlackLivesMatter
derek guy @dieworkwear
1.4M Followers 958 Following Menswear writer. Editor at @putthison. Creator of @RLGoesHard. Bylines at The New York Times, The Financial Times, Politico, Esquire, and Mr. Porter
BART @SFBART
329K Followers 713 Following We provide train service throughout the San Francisco Bay Area. For automated service updates: @SFBARTalert
Timothy Dunn @TimDunn94183193
138 Followers 840 Following Threat Researcher, Security+, CEH, Speaker, Practicing Curmudgeon. Opinions are my own ...
ChristinaCampodonico @ChristinaJCampo
1K Followers 3K Following Journalist on sabbatical | Words @latimes @kcet | Alum @princeton @uscannenberg @sfstandard @argonautnews | Opinions my own
Jamie Levy🦉 @gleeda
10K Followers 6K Following @Volatility Core Dev | Art of Memory Forensics co-author | Director of Adversary Tactics @HuntressLabs | #DFIR enthusiast/trainer | [email protected]
San Francisco Chronic... @sfchronicle
312K Followers 482 Following Delivering the Bay Area’s best journalism every day. Subscribe and support the newsroom: https://t.co/p8tnyqwzKs
Brendan Chamberlain @infosecb
988 Followers 678 Following Threat Detection Engineer | detection & response | automation | macOS security | awesome-detection-engineering, LOOBins, Rulehound
Paul Masek @paulmasek... @paul_masek
696 Followers 1K Following IT Recruitment Consultant. @BSidesFortWayne Co-founder. GSEC & GIAC Advisory Board. #detectionengineering & #threathunting fan.
Brandon Jeup @BrandonJeup
270 Followers 1K Following InfoSec defense, rides bikes, enjoys sports ball
Jazz Fall @JazzFall
120K Followers 2K Following
Blue Team Thomas @TheEis4Extra
4K Followers 1K Following Detection Engineer | Cybersecurity Researcher | Multifaceted Nerd | Excessively Black | HipHop & R&B | Gamer | Runner | Occasional Podcaster
Rahul kashyap @Rahulk787878
11 Followers 213 Following SOC Analyst at HCL Technologies Ltd |Security Analyst |SIEM XPERT | Soc Analyst | Archsight | Splunk Siem | Incident Response | Malware Analysis | Email Analysi
Anton @Antonlovesdnb
5K Followers 3K Following Blue Team stuff | Trying to be a decent human being | @munkschool Grad | Hunt & Response @HuntressLabs
Luca Martelli @lmartelli
2K Followers 4K Following Industries and Security GTM Leader at Google Cloud EMEA #infosecurity #CISM. Opinions are my own
dragosr @dragosr
24K Followers 9K Following Stop, Think, Pwn! (see also @[email protected], https://t.co/BjclXYWQ9R for alternate)
💻 Sherrod DeGrippo... @sherrod_im
36K Followers 7K Following Weird security voyeur. Vibe merchant. CISO of your 🩷 Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast. I like crime actors.
Heather Adkins - Ꜻ ... @argvee
14K Followers 1K Following VP Security @Google, Co-Author "Building Secure and Reliable Systems" @r00t0wns, Medieval Historian
tina 🎀 @tinyxtina_
6K Followers 529 Following n00b🤪| #CyberSecurity #InfoSec #womenintech | just a lost dev swimming in a terminal | INFJ | she/her | i said what i said.
𝗛𝟯𝗞𝗧l𝗖 @H3KTlC
42K Followers 2K Following #infosec engineer | all things gaming | void hunter | will shitpost | i like to lift weights & play piano | los angeleno currently in twin cities | fight on✌️
Maril Vernon (Find me... @shewhohacks
10K Followers 377 Following “The One Woman Purple Team” Sr Sec Eng @ Aquia. Host of @TheCyberQueens Podcast. For help breaking in to #cybersecurity see @FearlessSec and @Maekshyft.
Jason Craig - infosec... @3141592f
797 Followers 674 Following Extremely Hardcore full spectrum middle manager. ex red team, blue team @ Pinterest, Dropbox , Facebook, Yahoo!, etc⚡️⚔️🛡🗝🤫 Knows Mike Schwartz.
Fredrich Maney @fredrichmaney
245 Followers 879 Following CISSP, ISSAP, CCSP | Kempo Black Belt | MM | Wanderer Personal account. I speak only for myself. IMHO. IANAL. Assume positive intent.
Julian @MoralCyber
15 Followers 133 Following Dabbles in stuff | all things malware & intel, detections, programming, lots of sporty things | #threatintel @PwC | All views my own.
Adilson G. @AdilsonG13
17 Followers 696 Following
Timothy Peacock @_TimPeacock
841 Followers 52 Following Sr PM Google Cloud Security, co-host @cloudsecpodcast. Reducing info risk, increasing physical risk w/ motorcycles and skis. It should just work. (he/him)🏳️🌈
C:\hristina @divinetechygirl
23K Followers 7K Following Information Security Leader & Published Author • Leading InfoSec & Cyber @ 🏈 • Love a fitted but I don’t 🧢
Tim Nguyen @methodtim
4K Followers 826 Following Director, Detection & Response @Google. Opinions mostly stolen from people smarter than me. #BlackLivesMatter
JamesImanian@infosec.... @james_imanian
171 Followers 606 Following Chief, Threat Informed Defense for SAIC. Views are my own.
PlantDaddy 🇳🇬�... @_PlantDaddy
709 Followers 1K Following SIEM & Cloud Engineer | Snowboarder 🏂 | OG Plant Pops 🌱| | Investor | ⚡️ 🧘🏿♂️
Iman Ghanizada @ImanGhanizada
1K Followers 690 Following building. author/investor/xoogler/cybersecurity executive.
Tom Hall @thall_sec
469 Followers 263 Following Director, Cyber Incident Response and Remediation @PwC_UK. Ex Mandiant. All thoughts are my own.
Virtual Routes @VirtualRoutes
5K Followers 4K Following Virtual Routes tackles the impact of digital and emerging technologies on global affairs. Also check out @bindinghook, our media outlet.
Mathew @Mathewchao
31 Followers 593 FollowingTrends for United States
197 B posts
72,6 B posts
55,7 B posts
77,8 B posts
236 B posts
67,1 B posts
190 B posts
41,2 B posts
55,8 B posts
24,8 B posts
7.963 posts
3.306 posts
5.535 posts
7.104 posts
5.444 posts
5.223 posts
4.290 posts
4.154 posts
125 B posts
12,2 B posts
You might like
Steve YARA Synapse Mi...
@stvemillertime
17K Followers
Van
@Wanna_VanTa
4K Followers
Dan Perez
@MrDanPerez
4K Followers
Bryce
@bryceabdo
7K Followers
nick
@3dRailForensics
2K Followers
Rufus
@rufusmbrown
1K Followers
Mathew
@mittypk
1K Followers
Steve Stone
@stonepwn3000
1K Followers
Tyler McLellan
@tylabs
3K Followers
Willi Ballenthin
@williballenthin
7K Followers
Adrien B
@Int2e_
2K Followers
Jared Wilson
@JWilsonSecurity
2K Followers
bk (Ben Koehl)
@bkMSFT
3K Followers
Aaron Stephens
@x04steve
3K Followers
⚛️ Marcin Siedlar...
@siedlmar
2K Followers