Brendan Chamberlain
infosecb.bsky.social
Threat Detection Engineer @ Klaviyo | Detection & Response | Security Automation | macOS Security | Maintainer of awesome-detection-engineering, LOOBins

infosecb.com
https://github.com/infosecB
Today I'd like to share a tool I recently wrote called Rulehound. It's a detection ruleset catalogue and search engine containing over 7,500 rules from 5 distinct sources. More details in thread.

rulehound.com
Rulehound
The front page of threat detection rulesets.
April 10, 2025 at 10:16 AM
I recently stumbled upon roadmap.sh - it's a great resource for self-learners that appreciate some structure.

For anyone who might find it useful, I threw together a basic "Threat Detection Engineer" roadmap:

roadmap.sh/r/threat-det...
Roadmaps
Community driven roadmaps, articles and guides for developers to grow in their career.
January 18, 2025 at 6:07 PM
In the latest addition to awesome-detection-engineering, the team at Google outlines 5 important principles for driving a highly effective threat detection program. Check it out here:

cloud.google.com/transform/ho...
How Google Does It: Modernizing threat detection | Google Cloud Blog
Get an inside look at Google’s approach to modern threat detection and response, part of our new "How Google Does It" series.
January 10, 2025 at 1:40 PM
Check out the latest addition to awesome-detection-engineering: AttackRuleMap

AttackRuleMap is a clean and easy to use table of MITRE ATT&CK techniques and any associated Sigma or Splunk rules. Thanks krdmnbrk for the add!

attackrulemap.com
ARM - AttackRuleMap
Mapping of open-source detection rules and atomic tests.
January 4, 2025 at 4:00 PM
Reposted by Brendan Chamberlain
Tickets for #SkiCon are now on sale! There’s a very limited amount so get yours while you can!

skicon.tickit.ca/events/27355
Get Tickets – SkiCon 2025
SkiCon is where après ski, snowboarding and infosec meet! We aim to join the outdoors and winter sports with cybersecurity research. We differ from most security conferences and hacker gatherings as w...
December 27, 2024 at 6:26 AM
I'm excited to share that we're hiring for a Detection Engineer at Klaviyo.

Come work with me and a team of highly talented Detection & Response Engineers as we build an innovative and highly effective threat detection program.

www.klaviyo.com/careers/jobs...
Security Engineer, Threat Detection
December 20, 2024 at 7:03 PM
Reposted by Brendan Chamberlain
Me and every parent I know right now
December 18, 2024 at 6:02 PM
Reposted by Brendan Chamberlain
Ultralytics, a Python package with close to 6.4 million downloads per month, was backdoored to run a cryptominer. Running theory from the reported GitHub issue is a GitHub action injection attack, but there's also evidence that the malicious code was published directly via PyPI and skipped CI/CD
December 7, 2024 at 7:18 PM
don’t ever settle somewhere where you don’t have this
getting to work with people much smarter than you is such an underrated benefit
December 7, 2024 at 12:27 AM
Reposted by Brendan Chamberlain
getting to work with people much smarter than you is such an underrated benefit
December 6, 2024 at 11:44 PM
0xv1n and I added a new way to interface with the LOOBins project! Binaries are now available in a STIX bundle as Tool objects. Threat intel teams can import the bundle into many popular TIPs to help track each binary's relationship to campaigns, threat actors, etc.

www.loobins.io/loobins_stix...
December 4, 2024 at 12:23 AM
Great starter pack for detection engineers or any defensive-focused cybersecurity folks.
Just added a boatload of new detection engineers who joined Bluesky this week. Make sure to check this starter pack out
I made a Detection Engineering starter pack, will be adding more as more folks jump over to Bluesky! go.bsky.app/HenXJUR
November 25, 2024 at 1:30 PM
The cold and dark weather + waning sunlight seems to always bring new energy to the open source and content creation community. New LOOBins fun + detection-as-code stuff coming soon!
November 24, 2024 at 5:39 PM