Devon Kerr (@_devonkerr_) 's Twitter Profile
Devon Kerr

@_devonkerr_

Director of @ElasticSecLabs and custodian of secret histories, making environments hostile to threats since 2010. Posts are my own.

ID: 2843933755

http://elastic.co/security-labs

07-10-2014 17:23:21

11,11K Tweet

7,7K Followers

699 Following

Florian Roth ⚡️ (@cyb3rops)

Thoughts on LLMs writing detection rules, and why I’m not impressed: LLMs are good at one thing – predicting the next most plausible word in a sentence. That’s why most AI-generated detection rules are only good at one thing as well: looking plausible. On first glance they seem

Patrick Wardle (@patrickwardle)

Just posted my DEF CON slides (talk #1): "Mastering Apple's Endpoint Security for Advanced macOS Malware Detection" Writing 🍎 security software? You should be using Endpoint Security! But its advanced features are rather nuanced & often misunderstood 🫣 speakerdeck.com/patrickwardle/…

Andrew Thompson (@imposecost)

I think people who only live in a world where potential victims merely harden against attack are the naive ones. In my world, the "victims" are targets, and they hit back. But please adversary-splain me. 😆

MG (@_mg_)

Andrew Thompson “and your freedom is gone” would be a great way to destroy defcon’s brand and comes off as extreme punishment for a kid throwing sand in a sandbox. However your post does exhibit a commonality with why we have this issue: lack of contextual nuance. We have far too few people

Greg Lesnewich (@greglesnewich)

Devon Kerr I think I feel like I can breathe for a second when I can reliably detect or disrupt their activity across 60% or more of the collection+stack I have available

Nasreddine Bencherchali (@nas_bench)

[New Blog 📚] The Fragile Balance: Assumptions, Tuning, and Telemetry Limits In Detection Engineering If you ever struggle with false positives and the idea of tuning detections. This is for you. Read More - nasbench.medium.com/the-fragile-ba…

Matt Anderson (@nosecurething)

Nasreddine Bencherchali Good stuff! Love the details here. One thing that gives me confidence to tune aggressively (maintain some level of coverage rather than scrapping a rule completely) is using a layered detection approach. What you give up in one rule you can get back or cover in another.

Andrew Thompson (@imposecost)

One thing I tell leaders privately but will say here is you're a human being like everyone else. You're not a punching bag. There are some people in this world that perceive any social or institutional hierarchical level difference as a free pass to be abusive upwards. Be kind to

Olivia Gallucci ✨ (@oliviagalluccii)

My academic career has come to a close. I completed my 3rd (and final) graduation from RIT—this time with an MBA! 🎓 Huge thanks to my mentors and friends who have inspired me and challenged me to pursue Apple security, FOSS, and business: Alex Beaver, Dylan,

BSidesNoVA (@bsides_nova)

What are your plans for tonight? Yeah. I thought so. Hey, our #BSidesNoVA 2025 #CFP is open until 11:59pm ET. Put on that garbage tv show. Order some food. Give us a cool #InfoSec proposal! Security BSides is self-care. We said so. sessionize.com/bsidesnova-202…

hogfly 🌻 (@4n6ir)

I think more people need to spend time evaluating mcp, architecting it, governing it and uh…abusing/testing it to understand the limitations and vectors for compromise.

Devon Kerr (@_devonkerr_)

Every now and then I’m reminded how much content here is just lazy repackaging by uninformed folks engagement farming, which shows a lack of judgment and integrity on account of how much less work it is to simply retweet— but then monetization is impacted…