🚨 BETA COURSE 🚨 New SANS course SEC598 #SecurityAutomation for Offense, Defense, & #Cloud is now open for registration. Special BETA PRICING applies to this run only! This course will sell out. View the syllabus and register here: sans.org/u/1pXX

Quite the turnout for Stephen Sims and Erik Van Buggenhout of NVISO speaking about Building The Always-On #PurpleTeam. #RSA2023 Think we might have to run this as a webcast. Let us know what you think!

How can we ensure purple teaming is not a stand-alone activity and integrate it into Continuous Security Operations efforts? Purple team experts Stephen Sims & Erik Van Buggenhout have an answer in this #RSAC 2023 Top-Rated Session. spr.ly/6011Pms73

Our Day 2 keynote speaker at Hackfest Hollywood in November is Lina Lau (inversecos), delivering some cutting-edge cloud hacking content! The full agenda with all speakers to be announced very soon! sans.org/cyber-security… SANS Offensive Operations

RSA CFP Results: 1 talk Accepted - The Always-On Purple Team: An Automated CI/CD for Detection Engineering with Erik Van Buggenhout 1 talk Declined - The State of Binary Exploitation: How much time do we have left? I fought the urge to do an AI talk! 😈

📅 Join us on May 16 in #Brussels for the 12th EU ATT&CK Community Workshop. Register now for free at eventbrite.be/e/12th-eu-attc… Centre for Cybersecurity Belgium #CenterForThreatInformedDefense #CCBConnectAndShare Speakers: myself, Erik Van Buggenhout Kennedy Freddy Dezeure Nebu Varghese Wojciech Lesicki Ryusuke Masuoka ...

At RSA 2024 SF I'll be doing a co-talk with Erik Van Buggenhout on "The Always On Purple Team: An Automated CI/CD for Detection Engineering" on May 5th at 10:50AM, as well as a Keynote Panel on "The Five Most Dangerous New Attack Techniques You Need to Know About" on May 7th at 4:15PM!

⚠️ Session alert: Did you catch Erik Van Buggenhout, SANS Instructor & Co-founder of @NVISOSecurity, in his compelling session 'From Chatbot to Destroyer of Endpoints: Can ChatGPT Automate EDR Bypasses?' Share key takeaways! RSAConference | #Cybersecurity #TheArtOfPossible

Quick Hackfest Hollywood keynote announcement: Day One Keynote: David Weston (David Weston (DWIZZZLE)) Day Two Keynote: Yarden Shafir (Yarden Shafir) October 28th & 29th in Los Angeles! Register for virtual (free) & in-person attendance here: sans.org/cyber-security…

Learn how to build the always-on purple team through #GenAI automation merged with industry-leading SOC technologies. Speakers Stephen Sims and Erik Van Buggenhout share their methodology, backed by demo, in this recorded #RSAC 2024 presentation. spr.ly/601793i4H

The new 3-day course "SEC535: Offensive AI" is currently in development with "Foster Nethercott" Foster Nethercott, who just joined Twitter/X. I'm really looking forward to this one! It should be set to beta in a few months.

What if your #DetectionEngineering pipeline was always on? 😮 👉 Join Stephen Sims and Erik Van Buggenhout as they show how to automate your detection analytics with a CI/CD pipeline that continuously tests and deploys in real-time. ➡️ Register: sans.org/u/1xK8 #PurpleTeam

🔮 Ready to see the future of #DetectionEngineering? Join Stephen Sims & Erik Van Buggenhout TOMORROW to learn how to create an automated, always-on pipeline that integrates #SOC tech, SIEM/XDR, SOAR, & ChatGPT. ➡️ Register: sans.org/u/1xK8 #PurpleTeaming #Automation

New blog post! Title: Detecting Teams Chat Phishing Attacks (Black Basta) by Stamatios Chatzimangou Link: blog.nviso.eu/2025/01/16/det… #SOC #BlueTeam #Phishing #Sentinel #KustoQueryLanguage #SIEM #BlackBasta

I'll be moderating this panel on continuous penetration testing. The panelists are all active practitioners who will provide insight on their experiences and predictions on this topic, along with the general role of AI and automation as an aid. Chris Dale Erik Van Buggenhout Joshua Wright

Headed to this year's RSAConference? From purple teaming to critical infrastructure to the future of detection and response, here are 12 #RSAC talks we think are worth making time for while there: redcanary.com/blog/security-…

ℹ️ Coming to RSAC™ 2025: Three cutting-edge SANS sessions lined up for Day 2 next Tuesday 🔹 Kubernetes defense w/ Eric Johnson & @thecybergoof 🔹 AI & threat modeling w/ Ismael Valenzuela & Douglas McKee 🔹 Purple teaming w/ Erik Van Buggenhout & Jeroen Vandeleur Get the full lineup →

🤓 I have built an MCP for YARA rule creation and it works pretty great! With DocYara MCP, you can: – Generate YARA rules – Validate and optimize them – Deploy your rule directly to VirusTotal Livehunt I did a full walkthrough on YouTube in the second tweet 👇

"On September 29th, 2025, Broadcom disclosed a local privilege escalation vulnerability, CVE-2025-41244, impacting VMware’s guest service discovery features. NVISO Labs has identified zero-day exploitation in the wild beginning mid-October 2024. The vulnerability impacts both

Our NVISO #IncidentResponse Team has been tracking #VShell campaigns worldwide! More than 1,500 active VShell servers were uncovered, each capable of giving attackers remote control over compromised networks. Read the report here 👇 nviso.eu/blog/nviso-ana…