We are looking for a strong Detection Engineer to join our Threat Detection Team at Databricks . We use the Databricks platform to analyze many TBs of log data each day to protect our customers and employees from threats. If interested, please apply. databricks.com/company/career…

The video of my #RSAC talk is out. Anyone interested in #ThreatHunting will want to check out it! "I Screwed Up Threat Hunting a Decade Ago, and Now We're Fixing it With PEAK" buff.ly/3zrKSWJ

If you're heading to #defcon32 this week, don't miss the "Thrunting or DEATH!" panel on #ThreatHunting at Blue Team Village . I'll speak alongside fellow thrunters on Saturday, August 10, at 4 PM. Stop by and say hello! cfc.blueteamvillage.org/dc32/talk/8FTY…

I love #ThreatHunting #metrics, like this post from Kostas. The #PEAK framework has a section that pretty much agrees with this article. My approach to metrics is "avoid measuring how hard you worked and concentrate on the impact your work had". kostas-ts.medium.com/threat-hunting…

I am excited to share that the #PEAK #ThreatHunting Framework, which I wrote with Ryan Fetterman, D.Eng. and sydney, has been nominated for a SANS Difference Maker award as "Innovation of the Year." Vote here: sans.org/about/awards/d…

ICYMI, I'm thrilled to announce that Ryan Fetterman, D.Eng., sydney, and I have been nominated for a SANS Difference Makers award for the #PEAK #ThreatHunting Framework ("Innovation of the Year"). We'd love your support! Vote: buff.ly/4gEwVpv 🧵

Earlier this month, I sat down with Dave Monnier to talk about #ThreatHunting and #PEAK on the "Future of Threat Intelligence" podcast. Check out the episode here: buff.ly/3YJpNBm #futureofthreatintelligence #cybersecurity #threatintelligence

🚨JOB ALERT🚨 My team (#Splunk #SURGe) is looking for a mid- or senior-level researcher. The job involves participating and leading research teams, then publishing and speaking about what you learn for the benefit of the #cybersecurity community. We are a small team, but very

So excited for tomorrow's Difference Makers Awards. I'm nominated in the "Innovation of the Year" category with my #PEAK #ThreatHunting Framework coauthors Ryan Fetterman, D.Eng. and sydney, and in the Team category for my entire #SURGe family. buff.ly/4izlxfr

The Innovation of the Year Award goes to the individual or team who uses unique approaches to succeed through innovation and risk-taking and/or creating an open-source tool of significant value. This year's Community Winners are David J. Bianco, Ryan Fetterman, D.Eng., and Sydney Marrone

I'm honored to share this SANS Difference Makers Award with my #PEAK #ThreatHunting framework co-authors Ryan Fetterman, D.Eng. and sydney. Thank you to everyone who voted for us and also to everyone using PEAK around the world!

🎯 Introducing PowerShell-Hunter: Your New Favorite Event Log Analysis Tool! 🔍 Tired of drowning in PowerShell logs? We've got you covered: • Smart pattern detection for malicious behaviors • Risk scoring to prioritize threats • Export to CSV/JSON for your workflow •

Big thanks to Katie Nickels and SANS for having the #PEAK #ThreatHunting team (sydney and Ryan Fetterman, D.Eng.) on their livestream today. What a fun conversation, and excellent audience questions too! If you missed it, catch the recording at buff.ly/4iGANqR

New position paper from Adam and myself this morning arguing that LLM cyber evaluations are insufficient to establish risk (thread): arxiv.org/abs/2502.00072

New LLM honeypot just dropped from Splunk ➡️github.com/splunk/DECEIVE

LLMs offer improving capabilities to cyber-attackers. By pairing these capabilities with autonomous 'agents', attackers may soon be able to outsource key stages of their workflow to increase the speed, scale, or precision of their operations lnkd.in/g9YVpJvT Splunk #SURGe

Due to high demand, the CFP deadline for CAMLIS 2025 is extended to next Friday, July 4. Submit your full-length paper or extended abstract here: camlis.org/call-for-papers. The student scholarship deadline remains today!

The Threat Hunter’s Cookbook drops at Black Hat! Huge thanks to my co-author Ryan Fetterman, D.Eng. for bringing this project to life and Ryan K for the forward. Come celebrate with #SURGe and grab a signed copy at @Splunk’s After Party! 🖤 splunk.swoogo.com/splunkafterpar…

It’s here! 🎉 Ryan Fetterman, D.Eng. and I coauthored The Threat Hunter’s Cookbook and we’re thrilled to finally share it. Built for defenders at every level with hunting methods from simple filtering to advanced clustering. 👉 Get the eBook: splunk.com/en_us/form/thr…