Need a Cheat Sheet for the NEW #SecurityOnion 2.4? We've just updated it! You can download the PDF version here: github.com/Security-Onion…

Another year, another GrrCON DFIR CTF. Send me your email if you want to play!

Are you at #GrrCON today? Come check us out at Booth 50 to learn how the NEW 2.4 version of our FREE and OPEN #SecurityOnion platform can help you peel back the layers and make your adversaries cry! #ThreatHunting #Detection #NetworkVisibility #EndpointVisibility GrrCON

Forensic Lunch 1/10/25 with Wyatt Roersma talking about training AI models for DFIR x.com/i/broadcasts/1…

The Forensic Lunch for 1/10/25 with Wyatt Roersma talking about training and fine tuning open source AI models for #DFIR work. hecfblog.com/2025/01/daily-…

Jumped onto this week's @hecfblog Sunday Funday challenge looking at SRUM! thinkdfir.com/2025/01/13/sru… #DFIR

Test Kitchen - Using Cursor - This time with sound! x.com/i/broadcasts/1…

are you ready?!

.ollama is ready to help OpenAI! Give us the word Sam Altman. 🫡 Let's make the world a better place.

Looking to start making yara rules? Check out my fine tuned llm just for that very thing huggingface.co/vtriple/Qwen-2…

Livestream in 4.5 hours.

Just made the YouTube video for the YaraFlux MCP Server with Claude!🤯 Now AI assistants can create YARA rules and detect malware in real-time. Watch all 18 functions in action, from rule creation to hex analysis. Game-changer for youtube.com/watch?v=cN9Qv7… #AIforSecurity #YARA

Cursor Agent is just wild. Now i use Gemini PRO 2.5 to scan the codebase and sonnet 3.5/3.7 to execute code. In this workflow you need 3 things: 1. Detailed project documentation 2. Use multiple AI coding models 3. 50-step implementation plan I spend 30 hours/week on cursor.

You have to go and check out the cool AI things going on in cyber security! This is great to see

If you like Security Onion 2.4.160 and its new features, please like and share the post below to share with your fellow defenders! Thanks!

GrrCON next week. I will be returning to run the DFIR CTF that includes a black badge as a prize. With all the new threats and product vaporware things are in constant flux. How will we be fighting AI powered threats moving forward? Stay tuned….