Our host, @jsecurity101 is known as a telemetry guru. In Episode 27, he talked about the importance of knowing which telemetry source to use for your detection. Want to see the answer to his question? Find the full length episode with Roberto Rodriguez 🇵🇪 wherever you listen to podcasts!

Any time I’ve had a question revolving telemetry, @jsecurity101 has either had the answer or knows how to find it. This episode is packed with excellent discussion on these topics!

DCP isn't always dedicated to #infosec topics - @jsecurity101 and Matt Hand had a quick discussion on work-life balance in our field. If you want to see the rest of the episode, you can find us wherever you consume podcasts: dcppodcast.com/links

🚀 Episode 22 was an eye-opening conversation with InfoSec expert Nasreddine Bencherchali! In this episode, we explore the world of EDR, and the intricacies of alerting mechanisms. Watch the full episode now! 🎧 #InfoSec #EDR #CyberSecurity

Two words: Telemetry Guru

In Session 8 of DCP Live, @jsecurity101 gave us a quick run-through of function call stacks. This is a concept that we have been developing in the past few live sessions, so make sure you're caught up before Session 9 TONIGHT at 9:30 Central/7:30 Pacific! #infosec #security #dcp

DCP Live - Session 9 x.com/i/broadcasts/1…

In prepartion for our upcoming webinar on Defining Tier zero with Jonas Bülow Knudsen and Elad Shamir, let's ask a question. Is the Account Operators group in AD considered Tier Zero?

Us SpecterOps will be out in force for Black Hat USA 2023! We have Arsenal presentations, demos and presentations at our booth, and our full compliment of training courses available! It's gonna be a great time, follow the link below to see everything! ghst.ly/blackhat2023

We're thrilled to announce BloodHound Community Edition (CE) -- the next evolution of #BloodHound. Scheduled for release on 8/8, BloodHound CE has many new features & enhancements, making it easier for users to deploy, manage, and utilize. Learn more: ghst.ly/458lIGX

💡 WHAT IS PURPLE TEAMING AT SPECTEROPS? SpecterOps recently introduced our Purple Team service offering, but what is it? We define it as "the evaluation of security control efficacy through atomic testing using deliberately selected test cases." ghst.ly/3EUVRHB

How can defenders reclaim control over the domain after discovering a #cyberattack where the adversary has domain persistence? ⚔️ Nico Shyne & Joshua Prager share how adversaries gain and sustain access within a domain as well as recovery strategies. ghst.ly/473jauU

This type of "I wrote what I needed and couldn't find" post is extremely valuable. Definitely worth a read if you need a refresher on remediation and recovery from a domain-level event!

I can't encourage in-person attendance enough if you're able to make it! There will be a lot of great opportunities (like 3 different CTF's you can choose from), and there's no substitute for the instructor interaction and access you get by being in the same building.

Our upcoming VIRTUAL Adversary Tactics: Detection training will enable you to build robust detections, starting with the why and going all the way to the technical implementation of detecting threat actor activity. Register 👉 ghst.ly/SOCON24DTNtw

I'm excited to get my latest blog post about purple team efficacy out into the wild! You may feel like the point I'm making is obvious, but I'd argue that a lot of concepts seem obvious only when you're faced with an argument on it's behalf. posts.specterops.io/to-infinity-an…

If you liked my post yesterday, this one from Jared builds on it in a big way!

My On Detection series continues. In part 14 I look at a “special” subset of operations that require a bit more detail to facilitate accurate detection. While this topic is more focused on the model, I finish the post by analyzing one of the variants of PoolParty Injection!

There's been lots of reporting on the campaign against Snowflake DB, so I thought it'd be useful to look at it from an Attack Path PoV. This post shows how you can create an graph for your SNOW deployment & what that tells us about the campaign. posts.specterops.io/mapping-snowfl…

Don't miss out on our Adversary Tactics: Detection training at #BHUSA! Boost your defensive capabilities & learn a methodology to engineer detections based on attacker TTPs, analyze host info, & build threat hunting hypotheses. Register ➡️ ghst.ly/bhusa-atd