Yes please.

The struggle is real. 🤷‍♂️

Keep an eye out for our presentations. 🕴️

Listen to this guy.

Paper link here: https://t.co/0NEirICX9k. We disclosed our results to the surveyed company’s, @MITREattack and CITD, and will be also be presenting these results at ATTACKCon 5.0 this Fall.

To understand how @MITREattack is used in commercial endpoint detection products, @avirkud4 led an analysis of the ATT&CK technique annotations in the @carbonb1ack, @splunk, @elastic, and Sigma rulesets.

Upcoming at @USENIXSecurity’24 — In (academic) systems security research, name checking @MITREattack has been the “peer review armor” of choice for a lot of work recently. But do these papers understand what ATT&CK is(n’t)? What about commercial products?

Traditionally in ML, building models is the central activity and evaluation is a bit of an afterthought. But the story of ML over the last decade is that models are more general-purpose and more capable. General purpose means you build once but have to evaluate everywhere.

Every person who you mentor is a unique individual, and none of them are you. Mentoring isn’t about sharing what you would do, but exploring what’s best for them to do.

Woooooo great job @MuhammadAdilIn1 !!!

Tomorrow morning in Session 9C (9am, Bayview AB) — system auditing research may not be sexy, but it has *exploded* since 2015. Come watch @MuhammadAdilIn1 and I break it all down for you in our data provenance SoK, “History is a vast early warning system!”

Excited to announce that our *data provenance* SoK, "History is a Vast Early Warning System: Auditing the Provenance of System Intrusions," has been conditionally accepted to @IEEESSP #Oakland23. Before finalizing the camera-ready paper, we need your help!

A great ride with @MuhammadAdilIn1 @wajihulhasan @AliThespy @AdamBatesOrg and other collaborators to @NDSSSymposium! #NDSS22 It's eye-opening when @wajihulhasan first showed me that configurations can be as crazy as part of attack vectors by presenting CVE-2016-7790 in CS 523.