Check out my newly updated @sigma_hq course - Refreshed content to include all the great changes happening with the Sigma project! https://t.co/ijM4f0w31e #DetectionEngineering #InfoSec #SIGMA

We have just released @RueValley! This narrative RPG, inspired by games like Disco Elysium and classic Lucas Arts adventures, was developed by Emotion Spark Studio, and we helped them along the way as a publisher. Check out Rue Valley Release Trailer: #RueValley #RueValleyGame

the kids are quoting Chaucer

Watch out for Ea Nasir this Halloween!

Regression (True Positive) testing is coming to @sigma_hq starting from the next rule release in December. We will introduce a new CI that will validate a rule against a log. We will start with EVTX logs and extend beyond to other formats and logsources We're also introducing a

Why do investigative playbooks work? #SOC #DFIR 1. In any given investigation, analysts ask investigative questions that they answer with data (evidence) to determine what happened and if malicious activity occurred.

New Sigma release r2025-10-01 is available for download. 🌟37 New Rules 🛡️16 Rule updates 🔬45 Rule Fixes Here is a quick overview: - New AWS and Github based rules covering deletion of VPC flows, KMS imports, changing archive status or pages of a repo - Winrs usage as a

We’d love to see more feedback from orgs that rely on Sigma rules Even simple stats from production use are valuable. - A rule of level high that triggered 236,992 times probably needs rework. - A rule of level critical that triggered 234 times probably needs rework. - A rule of

Thanks to everyone who attended. It's good to be back in Augusta. The links I mentioned can be found here:

Really looking forward to this!

A week from now, I'll be speaking at @securityonion con alongside my good friend @DefensiveDepth. We'll talk about human-centric investigation playbooks and how those manifest in Security Onion now. Hope to see you there in Augusta! https://t.co/4q3Tt0HVNG

I wrote a comic about AI art

I'm delighted to stand alongside some esteemed colleagues at the Golden Joystick Awards, for Sword of the Sea! Now let's all go vote for Expedition 33!

HAPPY C4 DAY TO ALL WHO CELEBRATE

ONLY A FEW HOURS MORE TO CAMPAIGN 4⃣✨ We can't wait to see you at the table as #CriticalRole Campaign 4 kicks off TONIGHT at 7PM PT on https://t.co/cVODqkef0g, YouTube, and Twitch!

Happy Tuesday! Always remember and don't ever forget: You can just do things! ✅Don’t give in to imposter syndrome or learned helplessness ✅Initiative isn’t given, you take it! ✅You are empowered

🌒HADES II v1.0 is OUT NOW!!🌘 Battle beyond the Underworld in our bewitching sequel to the godlike roguelike. Go Kill Time!

🚀Security Onion 2.4.180 now available including new features, updated components, and quality of life improvements! See 🧵 thread below for more details!

Sometimes it's nice to remember that even Marcus Aurelius was like "you don't have to comment on everything bro"

Two biases quietly shape how you investigate every day: authority bias and automation bias. Let’s break down how they work, how they're *related*, and how they can burn you. 🧵

My Intrusion Detection Honeypots book turns 5 years old today! It's the most fun book I've ever written, and I still think it's the one the industry needs the most.