Phil Neray
@rdecker99
Cyber. Motorcycles. Cars. Jiu-Jitsu.
Joined March 2009
Alejandro Mayorkas, Secretary of the US Department of Homeland Security: “We need you [the hacker community].” #defcon31 @AliMayorkas
On May 19, 1998 seven intrepid hackers from Boston drove a Ford Econoline van down Route 95 to Washington DC to offer testimony to the Senate Government Affairs committee on the state of computer security in government. Their voices still echo across the Internet today.
A good attack technique is to blend in with infosec noise and look like a false positive. It will give your attack a greater window of opportunity.
theregister.com
'It's not unusual for VoIP apps' says CEO
Thanks to @anton_chuvakin for our @SANSInstitute webinar on "SOC, Meet Cloud. Cloud, Meet SOC. What Changes — and What Stays the Same?" We also gave cloud detection examples for @splunk & @microsoft Sentinel & how to validate & test them. https://t.co/GceX5WE4b4
#SIEM #SecOps
Looking forward to an educational and entertaining conversation with @anton_chuvakin in our upcoming @SANSInstitute webinar on how #Cloud changes #SecOps! Register: https://t.co/cRTclCplmn
@CardinalOps
Many traditional #SOC teams have been challenged by the move to the #cloud and how this can change threat detection and IR. Reserve your spot for our live webinar (Jan 26 @ 1PM ET) produced by the @SANSInstitute and featuring @anton_chuvakin Register:
Big thanks to @anton_chuvakin for presenting at our Black Hat webinar, "SOC Modernization: Where Do We Go From Here?" Anton talked about why we need both process consistency (automation) and human creativity in the SOC. Watch on-demand: https://t.co/WdHX0F9vDb
@CardinalOps #cyber
Cybersecurity acronym salad still a mystery? @SANSInstitute @CRITICALSTART @anton_chuvakin can help. #XDR #SIEM #EDR #MDR
Join @anton_chuvakin, Head of Security Strategy @ Google Cloud, and Randy Watkins, CTO @ Critical Start, for a live webinar w/ @SANSInstitute, as they explore "Demystifying #SIEM, #EDR, #XDR & #MDR". Register today: https://t.co/VEvCg9qkOd
#infosec #CyberSecurity #secops
How to communicate cyber risk to the C-level? Make it real (to the business), give examples, and keep it simple. @JohnBrennan #GartnerSEC
At #GartnerSEC, @JohnBrennan suggests Congress needs to change our statutory framework to allow govt. agencies to be more proactive in defending private sector from cyberattacks (since 85% of critical infrastructure owned by private sector)… maybe even retaliate? #CyberSecurity
If you're attending #splunkconf22, stop by booth M108 (near Theater A) on Wed. at 4pm to get your free signed copy of this detailed technical history of 0-day #cyber weapons. Written like a spy thriller, featuring hackers, bug-sellers & other crazy characters by @nicoleperlroth
Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act https://t.co/6PtBNd7xtW
justice.gov
The Department of Justice today announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA).
2022 data-driven report on #MITRE ATT&CK coverage gaps in enterprise SIEMs shows actual detection coverage & detection quality are far below what most organizations assume. Thanks to @anton_chuvakin for his best practice recommendations in the report. https://t.co/t2w3KimO7f
#GoogleCloud’s survey today is another sign that its battle with #Microsoft in the #security market is intensifying: https://t.co/KjEVP4OBaI with insights from @bambenek @ayoran @misterbisson @rdecker99
#cybersecurity $MSFT $GOOG
SANS webinar featuring @anton_chuvakin about the future of #SIEM – and why many problems that plagued early SIEM users are still with us today. We'll also describe the state of @MITREattack coverage in real-world SIEM deployments. Register: https://t.co/sKqNIKFzP2
@SANSInstitute
"Hackers live in a realm between spaces and times, looking at the hidden connections and occasionally playing a chord on the threads." @daveaitel from "General Relativity is Not Evenly Distributed"
"As a defender, I am more scared about the uncontrollable growth of assets than about the growth of threats" -- [well, frankly, this is a self-quote, but I catch myself using this a lot these days] :-)
“By promising to be API compatible (including offering S3's eleven-nines durability guarantee and free infrequent access), Cloudflare has cut off nearly all of AWS' remaining "liberties", putting it in "atari".” … and thanks to SCOTUS (ORCL v. GOOGL), you can’t copyright an API.
To quote Wikipedia, a move that overwhelmingly compels a player into a particular follow-up move is said to have "sente" (先手), or "initiative". In most games, the player who maintains "sente" most of the time will win. https://t.co/hDUOI1QvL8
“When a security person sees a vulnerability, they zoom out and see risk—they see an attacker and what they can access. On the other hand, when a developer thinks about a vulnerability, they see the app—what might go wrong and the maintenance cost of mitigating it.”
New Developer Den interview out with @guypod, Founder & President of @snyksec! Hear from Guy on optimizing developer experience, the best path to becoming a CTO, when to offer a freemium product, advice for devs early in their career + more. https://t.co/M3SkZbRYX0
Learn why Microsoft scored highest in threat visibility coverage for @MITREattack for ICS — and why lack of visibility into multi-stage IT/OT attacks like TRITON is a key ops risk. Thanks to @ojalexander + team for helping the community with this effort!