
#OpenTIDE

Latest posts tagged with #OpenTIDE on Bluesky


Posts tagged #OpenTIDE

@timb_machine I kind of like your post about how you threat model for customers in Cisco, it would be cool if you then extended the service to provide #OpenTide mapped threat graphs mapped to detections for them, as (some unnamed consulting houses) are doing.

Linked preview: Axioms of Security and Rule-Based Capabilities

- Security efficacy has diminishing value, at some point, as rule quantity grows
- Rule count is not an absolute measure of successful coverage
- Coverage is not an absolute measure of security
- Alert count has an inverse relationship with their manageability
- Threats are not static
- Security posture is temporal and so only instantaneously representative

@timb_machine One day when we read links like br0k3nlab.com/resources/axioms-of-secu... people will have read the #OpenTide white paper and realized how it changes the conversation about #detectioncoverage but this day was not today.


@infosecb thanks for adding #OpenTide to the awesome list!

Original post on mastodon.social

This #detection #SOC post #detectfyi is very good, and I agree fully up to a point. Where my opinion, and #OpenTIDE, starts to diverge is the final paragraph on coverage discussions and documentation. It's possible to do better than this now. And detection depth as a number of detection points […]


RE: https://infosec.exchange/@cR0w/115231138483939791

Don't you wish we could also collaborate defensively, become force multipliers for each other?

We can. Check out #OpenTIDE


#DetectionEngineering #OpenTIDE
So #Cloudot will help you empirically map attack telemetry, create it and allow you to try to test your detections also


Now Itay Gabbay releases Cloudot, a tool to help you with #DetectionEngineering in cloud.

The tool looks like a serious chunk out of the #OpenTIDE backlog!


@logwyrm add #OpenTIDE in the mix and deploy as code :)


@joshbressers you run the opensourcesecurity podcast then? Nice! Did you consider doing an episode on #OpenTIDE ?


@nopatience Sounds great. Now, for detection logic, if this gets shared as #OpenTIDE format, then some extra benefits accrue.


If you’re #purpleteam’ing without #OpenTIDE, why don’t you want your work to be actionable for your #SOC #DetectionEngineering :P

Linked preview: We’ve just added translation from Sigma Rules to OpenTIDE Managed… | Andrii B.

We’ve just added translation from Sigma Rules to OpenTIDE Managed Detection Rule format! In anticipation of EU ATT&CK Community Workshop tomorrow, we follow on the mission on equipping the global detection engineering community with latest technology, for free. How free?

1. Translation from Sigma to OpenTIDE is free
2. Splunk SPL, Microsoft KQL and Carbon Black Cloud are supported too.
3. 21,298 rules are compatible with OpenTIDE MDR
4. Absolutely free rules include 10,646 for Microsoft Sentinel KQL, 8,942 for Splunk SPL, 3,389 for Carbon Black Cloud and finally 5,378 Sigma rules!

How to make it all work together? Don’t miss the ATT&CK EU event tomorrow, live and online. This is just one of the things we’re sharing with the world, and I’m highly anticipating OpenTIDE creators presentation.

This is pretty HUGE news #OpenTIDE and #DetectionEngineering in general! www.linkedin.com/posts/andriimb_weve-just...

Original post on mastodon.social

From @BSidesLV 2024 -> Ezz uses ML to cluster events without any performance impact on the SIEM and using Attack Flows to help identify the right elements to try to cluster:

www.youtube.com/watch

This will work excellently […]

Original post on mastodon.social

Please, everyone interested in #SOC or #DetectionEngineering, read this by @letswastetime; it's a fantastic post: dispatch.thorcollective.com/p/detection-in-depth

I can only think of one thing missing - which is the actual enumeration of threat vectors and how they chain together to allow […]

Original post on mastodon.social

This post by Jamie Williams on the THOR Dispatch collective, "See Evil, Thrunt Evil – Modelling Behaviors is a Critical Thrunting Prerequisite" (dispatch.thorcollective.com/p/see-evil-thrunt-evil-m...), is very correct in that it says you need to not look at threat actor […]
