Invictus Incident Response @InvictusIR
Helping organizations respond to cyber incidents in the cloud | 🆘 24/7 support via https://t.co/ZXx5E5altB | 📚 https://t.co/GH0u8tmjXJ invictus-ir.com Joined May 2021-
Tweets284
-
Followers2K
-
Following29
-
Likes344
Don’t wait too long, seats are filling up quickly. More info and registration 👇🏼
Don’t wait too long, seats are filling up quickly. More info and registration 👇🏼
Major update to our training: We've added a live lab where you'll get access to a hosted Azure Virtual Desktop to solve the challenges. Everyone who purchased the course in the last 12 months have access. Register: academy.invictus-ir.com/advanced-incid…
It's CTF challenge time @brucon Spring Training! Everyone is battling for the chance to take home the Invictus challenge coin 🏅
@SANSInstitute #DFIR WEBCAST | May 8th, 10AM ET Join @KorstiaanS as he dives into the latest @Microsoft 365 updates, including the Unified Audit Log, & the introduction of Microsoft Graph Activity Logs & EnrichedO365AuditLogs. Register here: sans.org/u/1vCh
📣 New blog on acquiring the Unified Audit Log through the Microsoft Graph API 🔨 The Microsoft Extractor Suite is also updated to include acquisition of the UAL through the Graph 📚 Full blog invictus-ir.com/news/using-mic…
🥇 🥈 🥉 Exciting news for the CTF winners of our cloud incident response training: you now have the chance to earn the prestigious Invictus challenge coin as a reward! Training overview and registration links 👇 invictus-ir.com/news/training-…
🎉 We are looking forward to this, hope to see you there!
🎉 We are looking forward to this, hope to see you there!
We just published our (current) training schedule for 2024 and an update on AWS IR training, registration links and more information in the blog invictus-ir.com/news/training-…
This is the current Top 3 for our Microsoft Cloud Incident Response training. Our vetting procedures might not be airtight 😜 Get in on the action: academy.invictus-ir.com
🚨 Check out our new blog with need to know information for DFIR experts that use the Unified Audit Log (UAL). invictus-ir.com/news/what-dfir… Topics include 👇🏻 1. Premium Audit Operations in the UAL 2. Graph API for the UAL 3. Retention period 4. Search-UnifiedAuditLog weirdness…
We proudly present you... The curious case of DangerDev@protonmail[.]me Follow the story of an AWS incident response from beginning to the end. Lots of interesting actions and a threat actor with AWS skills.. invictus-ir.com/news/the-curio…
Florian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
SwiftOnSecurity @SwiftOnSecurity
403K Followers 9K Following computer security person. former helpdesk.
Mehmet Ergene @Cyb3rMonk
11K Followers 421 Following 👉 Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR at https://t.co/uAlYlXIpyV - Founder @BluRavenSec | Microsoft Security MVP | #DataScience
Matt Zorich @reprise_99
11K Followers 2K Following @Microsoft GHOST 👻 | https://t.co/HWozKuj5IQ | Tweets are my own
Matthew @embee_research
12K Followers 1K Following Malware Researcher & Reverse Engineer | Creating and Sharing Educational Cyber Content
Dray Agha @Purp1eW0lf
6K Followers 3K Following Security Operations Center Manager @HuntressLabs || "Competition is the law of the jungle, but cooperation is the law of civilisation” - Kropotkin
Ryan "Chaps" Chapman @rj_chap
7K Followers 3K Following DFIR & malware analyst. @sansforensics FOR528 Author & FOR610 Instructor. @CactusCon crew. Husband & father. Comments = own.
Fabian Bader @fabian_bader
7K Followers 651 Following #Security #Azure #AAD #MDE #M365 #AD #PKI Microsoft MVP Tweets and opinions are my own @[email protected]
Phill Moore @phillmoore
8K Followers 3K Following This Week in 4n6 // ThinkDFIR // SANS // CyberCX (DFIR) https://t.co/vLyL2sxTuy I might not know much, but I do know how to Google Tweets are mine
DFIR Diva @DfirDiva
21K Followers 5K Following Jr IR Analyst trying to learn all the things | DFIR Blog for Beginners | Founder @GetYourStart | https://t.co/7cHco4FjUS | @[email protected]
Shayna Stodden @stod_sha
50 Followers 5K Following
Crystal Leyvas @crysta_leyva
18 Followers 3K Following
Markus Einarsson 🇸.. @einarssonm
596 Followers 485 Following Blue teamer, defensive security, digital forensics, incident response, personal productivity, GTD, FIRE, paperless, metalhead. https://t.co/yOP2co2drB
Kelli Mcree @KelliMcree30333
96 Followers 5K Following
Brian Maloney @bmmaloney97
1K Followers 594 Following "Distrust and caution are the parents of security." - Benjamin Franklin
Sebas Nick @Nick127546Nick
33 Followers 441 Following
nop3 @n0p3zed
0 Followers 99 Following
Florianw85 @florianw8557091
128 Followers 514 Following
Tech Group Kenya @JacobChrispinus
52 Followers 468 Following Tech Group Kenya 🇰🇪 Connecting tech lovers across Kenya. We host events, workshops, and projects to inspire, educate, and empower. #TGK
aurelien amiard @aurelien530000
10 Followers 3K Following
Rahul @Rahul05350668
94 Followers 3K Following
Jonas Brauchle @brauch_jo
7 Followers 29 Following
Annett Fleischer @FleischerA73108
0 Followers 43 Following
min0s @qu1rr3ll
3 Followers 19 Following
Stream @x415952
1 Followers 11 Following
Ahmed Elakwah أحم�.. @4kwah
87 Followers 845 Following محتوى عن أمن المعلومات و البرمجة لحد ما يجيبو مدرس برمجة
Ross Worden @ross_worden
46 Followers 885 Following
Manoel Abe @manoelabe08
31 Followers 2K Following 🚀 Entrepreneur 💼 Auditeur en Cybersecurite 🛡️ 👥 Community Manager 📱 💻 Web Developper 🌐 📊 Coach Digital 📈
Omer Baig @obaig11
173 Followers 520 Following NFL, Cyber Security & #DFIR Enthusiast. Opinions expressed are mine, mine to me.
Sahar Mohammed Kalaf @SaharKalaf
2 Followers 76 Following
stee lo @trust1n
20 Followers 232 Following
A @cussiee
60 Followers 1K Following Threat Hunter. ⚽ & 🏈 & 🏎️ & 🎧 not a bot (isn't this exactly what a bot would put in his bio? 🤔🤭
Pua @MrSecOps
16 Followers 73 Following
gauthier l @lawnyg
20 Followers 477 Following Cybersecurity consultant at Microsoft. Tweets are my own.
Irina Chatagnier @irin_chatagnie
76 Followers 5K Following
Veki @vekivac
45 Followers 266 Following
BlueSkjaldborg @BlueSkjaldborg
85 Followers 570 Following Tales for the Skjaldes ⚠️ From high level to low level and back. Everything regarding #blueteam. 🆙️
Zaria Hoemann @hoem_zar
40 Followers 5K Following
(◔‿◔) @MuntherKhalfan
73 Followers 2K Following
Khaled Esheh @KhaledEsheh
59 Followers 2K Following
Espartan @eltitomorrins
4 Followers 123 Following
hcss2013 @hcss2013
16 Followers 368 Following
serdar hızal @serdar_jackson
39 Followers 429 Following
InfoSec Hitchens @InfoSecHitchens
27 Followers 94 Following Reborn from digital oblivion, I fuse Hitchens' sharp wit with deep InfoSec insights. Piercing, incisive cyber security discourse awaits.
Nicolai van Veen @Nicolai_85747
8 Followers 676 Following Interested in Cybersecurity, Tech, Gaming, OSINT, Politics and (Military) History. ❤️ pannenkoeken and motorcycles. I am here to learn.
erm4 @er1cm4
19 Followers 71 Following
John Sanders @Sandman46615
149 Followers 1K Following
Yore Mam @mam_yore39850
8 Followers 22 Following
- @Eduardo_Reta_Ed
114 Followers 2K Following
dig_for_president @Mattew_DIG
172 Followers 2K Following
Amitai Cohen 🎗️ @AmitaiCo
1K Followers 576 Following ✦ researching threats @wiz_io 🐞 maintaining vulns @cloudvulndb 🎙️ casting pods @ https://t.co/9Jsah9BjbO 🦣 https://t.co/Qass9GdKfX
Liam @liammnusnu
880 Followers 5K Following (Senior) Cyber Threat Intelligence analyst, and general info sec. Happiest in wireshark, or a terminal. 🏴
Florian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
vx-underground @vxunderground
292K Followers 211 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
SentinelOne @SentinelOne
52K Followers 1K Following ONE autonomous platform to prevent, detect, respond, and hunt. Do more, save time, secure your enterprise: https://t.co/N75g1HAnCs 🐱💻
SANS DFIR @sansforensics
104K Followers 98 Following The world's leading Digital Forensics and Incident Response provider. This feed updates you on latest DFIR news, events, and training.
Fabian Bader @fabian_bader
7K Followers 651 Following #Security #Azure #AAD #MDE #M365 #AD #PKI Microsoft MVP Tweets and opinions are my own @[email protected]
Phill Moore @phillmoore
8K Followers 3K Following This Week in 4n6 // ThinkDFIR // SANS // CyberCX (DFIR) https://t.co/vLyL2sxTuy I might not know much, but I do know how to Google Tweets are mine
Chad Tilbury @chadtilbury
23K Followers 624 Following Digital forensics and incident response. Ex-AFOSI, Mandiant, and CrowdStrike. SANS Institute Fellow and co-author of #FOR500 and #FOR508 courses.
Black Hat @BlackHatEvents
403K Followers 2K Following The World's Premier Technical Cybersecurity Conference Series
fwd:cloudsec @fwdcloudsec
4K Followers 73 Following Non-profit cloud security conference. June 17-18, 2024 in Arlington, VA. September 17, 2024 in Brussels, Belgium.
Aura @SecurityAura
4K Followers 542 Following GCIH, GCFE | Manager | DFIR, Threat Hunting, Detection Engineering | @CuratedIntel Contributing DFIR Member https://t.co/foDR8PkDI7
Beau Bullock @dafthack
17K Followers 683 Following Hacker, trainer, and guitarist | Black Hills InfoSec #RedTeam | @BreakForge Training | Produces music to hack to at @N0BANDW1DTH
BertJanCyber @BertJanCyber
3K Followers 514 Following SOC Lead | https://t.co/Tu1l2ZFe0T | Microsoft Security MVP | Blue & Purple Team | SOC | SIEM | Threat Hunting | Detection Engineering | #KQL |
Binalyze @binalyze
4K Followers 2K Following The official Twitter account for Binalyze, leading the way with our Simply DFIRent software solution. Supporting and empowering DFIR specialists worldwide.
BruCON @brucon
10K Followers 2K Following Belgian Information Security Conference | #BruCON0x10 (16th edition) Spring Training 17-19 April 2024 | Training 16-18 Sept - Conference 19-20 Sept 2024
J. Burns Koven @JBurnsKoven
1K Followers 815 Following CTI @Chainalysis | Former intel officer | Views are my own
Marco Lancini @lancinimarco
6K Followers 411 Following 💼 Principal Security Engineer 📚 Writing https://t.co/TrQKzxfnYg 💬 I tweet about Cloud Security and technical leadership ✍🏻 Subscribe to https://t.co/MR69KiF8RH
Timo Müller @mtimo44
82 Followers 102 Following
Mandiant @Mandiant
125K Followers 4K Following
Jaron Bradley @jbradley89
3K Followers 300 Following MacOS Intrusion Analyst, APT Smiter , Haole. Author of OS X Incident Response Scripting and Analysis Owner of https://t.co/oApHpiRaQ0
Renzon @r3nzsec
3K Followers 831 Following Technical Director, Incident Response @Unit42_Intel | Co-Founder @guidemtraining | Contributor/Analyst @TheDFIRReport | CTF member @_hackstreetboys
J. A. Guerrero-Saade @juanandres_gs
15K Followers 255 Following AVP of SentinelLabs @ SentinelOne. Distinguished Fellow @ Hopkins SAIS Alperovitch Institute. LABScon Founder, Cyber Paleontologist, Fourth-Party Collector.
Hatching @hatching_io
6K Followers 59 Following Cybersecurity specialists focused on malware sandboxing. Hatching Triage Unlimited, free, and state-of-the-art sandboxing at https://t.co/Z0pc40OMYO
Curtis @cybershtuff
452 Followers 280 Following Threat Intelligence | ثريت انتل | OSINT | All views my own
Pierre @pigerlin
688 Followers 131 Following Analyst @TheDFIRReport | Passionate about all things DFIR 🇳🇱
SANS Institute @SANSInstitute
188K Followers 376 Following SANS is the most trusted and by far the largest source for information & cyber security training, certification and research in the world.
Korstiaan @KorstiaanS
390 Followers 327 Following Founder of Invictus Incident Response @InvictusIR | DFIR enthousiast | https://t.co/qgFI02Nro1#BHUSA Training "Advanced Cloud Incident Response in Azure and Microsoft 365" offers a comprehensive guide to incident response in the Microsoft Cloud, covering various topics essential for handling threats and attacks. Register here >> bit.ly/3UlA6I5
IN ONE WEEK! @SANSInstitute #DFIR WEBCAST will air May 8th, 10AM ET Join @KorstiaanS & discover how the @Microsoft 365 updates are reshaping the realm of forensics & incident response in the cloud Register here: sans.org/u/1vCh
@SANSInstitute #DFIR WEBCAST | May 8th, 10AM ET Join @KorstiaanS as he dives into the latest @Microsoft 365 updates, including the Unified Audit Log, & the introduction of Microsoft Graph Activity Logs & EnrichedO365AuditLogs. Register here: sans.org/u/1vCh
All the queries from the KQL book that we wrote are now available on the books official repo for you to explore and use. If you buy the book, you will get all the context with them, like why we favour some operators over others, but have a read either way! aka.ms/KQLMSPress/Git…
@InvictusIR have you seen the UAL entries for the operation "AttachmentAccess"? Not seeing any documentation for this one but seeing it logs with a "RESTsystem" user agent.
💥 Interesting Cloudtrail event names to keep close Given the rapidly growing number of AWS services and their corresponding Cloudtrail event names, tracking what is essential for security might be frustrating. 👏 Shout out to the guys at @InvictusIR for providing a…
Just added additional PowerShell scripts (e.g. OAuthPermissions-Analyzer) to my Microsoft-Analyzer-Suite. Automated Processing of Microsoft 365 Logs and Microsoft Entra ID Logs extracted by Microsoft-Extractor-Suite. @InvictusIR #M365 #BEC #DFIR github.com/evild3ad/Micro…
#BruCON0x10 spring training is ready to be kicked off tomorrow! #HackingForBeer 🍺
DON'T MISS IT! @SANSInstitute #DFIR WEBCAST with @KorstiaanS at 10AM ET Discover how the @Microsoft 365 updates are reshaping the realm of forensics & incident response in the cloud equipping organizations with robust security strategies. Register here: sans.org/u/1vCh
💡 Just discovered this nice combination for authenticating MS Graph PowerShell with an access token, for example copied from an intercepted request in Azure portal Connect-MgGraph -AccessToken (Read-Host -AsSecureString) Thanks to @mariussmellum ➡️ youtu.be/jMOFWVOm-Y4?t=…
Had a blast at SANS DFIR NetWars in London last week, topping the leaderboard among 60+ participants! Great host as usual @kevinripa Thanks for an amazing event and loved meeting the instructors @4enzikat0r @iamevltwin @SANSEMEA
@SANSInstitute #DFIR WEBCAST | May 8th, 10AM ET Join @KorstiaanS as he dives into the latest @Microsoft 365 updates, including the Unified Audit Log, & the introduction of Microsoft Graph Activity Logs & EnrichedO365AuditLogs. Register here: sans.org/u/1vCh
What DFIR experts need to know about the current state of the Unified Audit Log invictus-ir.com/news/what-dfir… >> Nice synopsis to get you up to the state of the art!
I will be discussing new log sources and acquisition methods for M365 forensics. See you there 🫡
.@SANSInstitute #DFIR WEBCAST | May 8th, 10AM ET Join @KorstiaanS for an in-depth webcast as we explore the recent advancements in logging and auditing within Microsoft 365 environments. Register here: sans.org/u/1vCh
@InvictusIR UALGraph-Analyzer is planned. OAuthPermissions-Analyzer is next! 😉
Check out my new project Microsoft-Analyzer-Suite (Community Edition). A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID extracted by Microsoft-Extractor-Suite. @InvictusIR #M365 #BEC #DFIR github.com/evild3ad/Micro…
The first batch of tickets for fwd:cloudsec Europe will open in just 1 hour! (9:00 CEST) Get ready: for the first European edition, spots are limited! A second batch of tickets will be available at 19:00 CEST.
Even if you’re not rolling incident response in your M365 env. & just want to peak under the covers. @InvictusIR has a wicked module / set of powershell scripts for you - IR scripts by IR people for IR people. github.com/invictus-ir
The CFP for fwd:cloudsec Europe is now open! We're looking for practitioner-focused cloud security content, and we encourage all practitioners to submit, whatever your role or level of experience. The CFP will close on June 28th. Read more: fwdcloudsec.org/conference/eur…
Trends for United States
You might like
