#detections — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #detections, aggregated by home.social.
-
----------------
🎯 Threat Intelligence
===================
Opening — Executive summary
This platform aggregates and indexes 8,756 community detection rules from six distinct sources and provides AI-driven coverage analysis mapped to the MITRE ATT&CK framework. The offering includes search, visualization, and AI-assisted analysis features aimed at revealing detection gaps against 172 mapped threat actors.
Technical Details — Core capabilities
• Detection Explorer: search and filter the full corpus of 8,756 detection rules with full rule content, ATT&CK mappings, and cross-references.
• AI Chat: natural-language query interface for coverage questions such as “What’s our coverage against APT29?” with structured outputs.
• Coverage Analysis: tactic-level heatmaps, technique gap analysis, and procedure-level breakdowns that show where detections do or do not exist.
• Threat Actor Mapping: coverage assessment against a database of 172 MITRE ATT&CK threat actors.
• Threat Report Analysis: submit threat advisories and receive extracted TTPs with ATT&CK mappings and gap identification.
• ATT&CK Navigator: generate and export Navigator layers for sharing and operational review.
Analysis — How it works conceptually
The product links detection rule metadata and full rule content to ATT&CK tactic and technique identifiers, then applies automated coverage heuristics and AI models to surface where detection rules align with known TTPs and where procedural coverage is missing. The AI chat uses LLMs for natural-language mapping and structured answers; frontier models (e.g., Claude Sonnet 4.6, GPT-5.4, Codex, Opus) are available under the PRO tier or via BYOK.
Use cases
• Red/blue teams and detection engineers validating ATT&CK coverage and prioritizing rule development.
• CTI teams mapping new threat reports to existing detections and identifying blind spots.
• SOC managers exporting ATT&CK Navigator layers for compliance or reporting.
Limitations & considerations
• Coverage depends on the quality and recency of contributed detection rules and mappings.
• AI-driven mappings may require human validation for high-confidence operational use.
• Frontier-model features require PRO subscription or an external API key (BYOK).
References & product notes
Contains explicit counts (8,756 detections; 172 threat actors) and pricing tiers: free exploration with limited AI chats, PRO at $25/month or $250/year for unlimited frontier-model chats. #bookmark #MITRE #AI #detections #threatintel
🔗 Source: https://detect.michaelhaag.org/
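The coverage computation the post describes (rule-to-technique index, per-tactic roll-up, gap list, Navigator layer export), as an added example that is not detect.michaelhaag.org's code. The rule corpus and the actor's technique list are constructed sample data (EXAMPLE-ACTOR is not a real ATT&CK group), the technique-to-tactic table is hard-coded for just these techniques rather than loaded from the ATT&CK STIX bundle, and the version strings in the layer are assumptions.

```python
"""Added example (not detect.michaelhaag.org's code): ATT&CK coverage of a rule
corpus against one actor's techniques, with a tactic roll-up and a Navigator layer."""
import json
from collections import defaultdict

# Constructed sample corpus: rule name -> ATT&CK technique IDs the rule is mapped to.
RULES = {
    "Local Account Enumeration via net.exe": ["T1087.001"],
    "PowerShell Encoded Command": ["T1059.001", "T1027"],
    "Scheduled Task Created via schtasks": ["T1053.005"],
    "LSASS Memory Access": ["T1003.001"],
}

# Constructed actor profile; illustrative only, not an authoritative ATT&CK group mapping.
ACTOR_TECHNIQUES = {
    "EXAMPLE-ACTOR": ["T1087.001", "T1059.001", "T1053.005",
                      "T1003.001", "T1566.001", "T1071.001"],
}

# Tactic assignments for the techniques above (hard-coded subset of ATT&CK;
# a real tool would load these from the STIX bundle).
TECHNIQUE_TACTICS = {
    "T1087.001": ["discovery"],
    "T1059.001": ["execution"],
    "T1053.005": ["execution", "persistence", "privilege-escalation"],
    "T1003.001": ["credential-access"],
    "T1566.001": ["initial-access"],
    "T1071.001": ["command-and-control"],
    "T1027": ["defense-evasion"],
}


def technique_index(rules):
    """Invert rule -> techniques into technique -> [rule names]."""
    idx = defaultdict(list)
    for name, techs in rules.items():
        for t in techs:
            idx[t].append(name)
    return idx


def coverage(rules, techniques):
    """Which of the actor's techniques have at least one mapped rule, and which do not."""
    idx = technique_index(rules)
    covered = {t: idx[t] for t in techniques if t in idx}
    gaps = [t for t in techniques if t not in idx]
    pct = round(100.0 * len(covered) / len(techniques), 1) if techniques else 0.0
    return {"covered": covered, "gaps": gaps, "coverage_pct": pct}


def tactic_rollup(rules, techniques):
    """Per-tactic (covered, total) counts over the actor's techniques; a technique
    that spans several tactics counts once in each (this feeds a tactic heatmap)."""
    cov = coverage(rules, techniques)["covered"]
    rollup = defaultdict(lambda: [0, 0])
    for t in techniques:
        for tactic in TECHNIQUE_TACTICS.get(t, ["unknown"]):
            rollup[tactic][1] += 1
            if t in cov:
                rollup[tactic][0] += 1
    return {k: tuple(v) for k, v in rollup.items()}


def navigator_layer(name, rules, techniques):
    """Build a Navigator layer dict: score = number of mapped rules, red for gaps."""
    cov = coverage(rules, techniques)
    entries = []
    for t in techniques:
        hits = cov["covered"].get(t, [])
        entries.append({
            "techniqueID": t,
            "score": len(hits),
            "color": "#8ec843" if hits else "#ff6666",
            "comment": "; ".join(hits) if hits else "GAP: no mapped detection",
        })
    return {
        "name": name,
        # version strings are assumptions; set them to match your Navigator deployment
        "versions": {"attack": "14", "navigator": "4.9.1", "layer": "4.5"},
        "domain": "enterprise-attack",
        "description": f"{cov['coverage_pct']}% of {len(techniques)} actor techniques covered",
        "techniques": entries,
    }


if __name__ == "__main__":
    techs = ACTOR_TECHNIQUES["EXAMPLE-ACTOR"]
    print(tactic_rollup(RULES, techs))
    print(json.dumps(navigator_layer("Coverage vs EXAMPLE-ACTOR", RULES, techs), indent=2))
```

The layer JSON can be pasted into the Navigator's "Open Existing Layer" dialog; the score field is what a heatmap gradient keys on, so a technique with several overlapping rules stands out from one with a single rule, and the post's caveat applies here too: a mapped rule is evidence of intent, not proof that the rule fires on the actor's actual procedure.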
-
"Kemi Badenoch said she is '100% confident' there will be no more senior Tory defections, following Robert Jenrick's sacking and decision to join Reform"
Friday 16 January 2026 12:56, UK
🤭
#Badenoch
#Detections
#OneHundredPerCent
https://news.sky.com/video/badenoch-100-confident-no-more-senior-tory-defections-to-reform-13494988
-
Yesterday I attended the #SOC #DetectionEngineering Crash Course with Hayden Covington by @Antisy_Training
A 5-hour workshop (1 hour of lab setup with the instructor available on Zoom and 4 hours of the workshop itself). Pay what you can, with pricing starting from $0. Course materials such as the setup guide and excellent lab instructions were delivered in advance, two days before the workshop.
All you need for the workshop is a web browser - we use a #MetaCTF Cloud Windows VM (credits provided by the instructor) and Elastic Security (free trial available for 14 days).
Fun fact: I test #FreeBSD as my host OS and was able to do all of the labs in FreeBSD without any issues.
The content was useful, a real crash course. We started with a Windows VM with Sysmon and an empty Elastic. After the course, we had Elastic Agent on the VM, logs in Elastic, a detection rule for @mitreattack Account Discovery: Local Account (T1087.001), and suppression of the alerts for a particular user. We also tested the detection with an Atomic Red Team test.
Overall, it was a very good workshop and I am happy for the opportunity to attend it. The usage of "free" cloud infrastructure is inspiring; I will consider it during my next trainings for larger groups of students (instead of hosting all of the VMs in our cloud infrastructure) - this way, students can do a lot of things again after the training for a better understanding of the topic.
#infosec #education #training #antisyphon #soc #siem #detections #blueteam
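The detection built in that workshop (T1087.001 Account Discovery: Local Account on Sysmon process-creation events, with alerts suppressed for one account), as an added example that is not the workshop's material and not an Elastic rule: the matching logic run over constructed Sysmon Event ID 1 records, with a per-user suppression set standing in for an Elastic rule exception. The command lines are modelled on the kind of commands Atomic Red Team's T1087.001 tests run; the hosts, users and events themselves are constructed.

```python
"""Added example (not the workshop's material): T1087.001 detection logic over
constructed Sysmon Event ID 1 (process creation) records, with per-user suppression."""
import re

# Constructed exception, analogous to an Elastic rule exception: alerts for these
# accounts are recorded as suppressed instead of raised.
SUPPRESSED_USERS = {"corp\\svc-inventory"}

# (image pattern, command-line pattern); both matched case-insensitively.
T1087_001_PATTERNS = [
    (r"(^|\\)net1?\.exe$", r"\b(user|localgroup)\b"),                   # net user / net localgroup
    (r"(^|\\)wmic\.exe$", r"\buseraccount\b"),                          # wmic useraccount get ...
    (r"(^|\\)(powershell|pwsh)\.exe$", r"get-local(user|groupmember)"),  # Get-LocalUser
]


def matches_t1087_001(event):
    """True when a Sysmon process-creation event looks like local account enumeration."""
    if event.get("EventID") != 1:
        return False
    image = event.get("Image", "")
    cmd = event.get("CommandLine", "")
    return any(re.search(img_re, image, re.I) and re.search(cmd_re, cmd, re.I)
               for img_re, cmd_re in T1087_001_PATTERNS)


def evaluate(events, suppressed_users=SUPPRESSED_USERS):
    """Return (alerts, suppressed): matching events split by whether the user is excepted."""
    excepted = {u.lower() for u in suppressed_users}
    alerts, suppressed = [], []
    for ev in events:
        if not matches_t1087_001(ev):
            continue
        if ev.get("User", "").lower() in excepted:
            suppressed.append(ev)
            continue
        alerts.append({"technique": "T1087.001", "host": ev["Computer"],
                       "user": ev["User"], "cmd": ev["CommandLine"]})
    return alerts, suppressed


# Constructed Sysmon Event ID 1 records (hosts, users and command lines are made up).
SAMPLE_EVENTS = [
    {"EventID": 1, "Computer": "WS01", "User": "CORP\\alice",
     "Image": "C:\\Windows\\System32\\net.exe", "CommandLine": "net user"},
    {"EventID": 1, "Computer": "WS01", "User": "CORP\\alice",
     "Image": "C:\\Windows\\System32\\net1.exe",
     "CommandLine": "C:\\Windows\\system32\\net1 localgroup administrators"},
    {"EventID": 1, "Computer": "WS01", "User": "CORP\\alice",      # benign: 'use', not 'user'
     "Image": "C:\\Windows\\System32\\net.exe", "CommandLine": "net use \\\\fs01\\share"},
    {"EventID": 1, "Computer": "WS02", "User": "CORP\\svc-inventory",  # excepted account
     "Image": "C:\\Windows\\System32\\wbem\\WMIC.exe", "CommandLine": "wmic useraccount get /ALL"},
    {"EventID": 1, "Computer": "WS03", "User": "CORP\\bob",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell -c Get-LocalUser"},
    {"EventID": 1, "Computer": "WS03", "User": "CORP\\bob",         # unrelated process
     "Image": "C:\\Windows\\explorer.exe", "CommandLine": "C:\\Windows\\Explorer.EXE"},
]

if __name__ == "__main__":
    found, skipped = evaluate(SAMPLE_EVENTS)
    for a in found:
        print(f"ALERT {a['technique']} {a['host']} {a['user']}: {a['cmd']}")
    for ev in skipped:
        print(f"SUPPRESSED {ev['Computer']} {ev['User']}: {ev['CommandLine']}")
```

Two points the workshop's suppression step raises: the exception is keyed on the user, so the same command from any other account still alerts, and running the Atomic test as the excepted account is the quickest way to confirm the exception itself works rather than the rule silently failing to match.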
-
Listening to the same old stuff in cybersec meetings today in July 2025 CE. Do y'all think anyone is ready for "hey your firewall, VPN gateway, (bastion host) is popped" network #detections? We could warm up with something classic, like @taosecurity 's _Extrusion Detection_ (2005) though the coverage in the "Bastion Book" _Building Internet Firewalls_ was great in *checks notes* 1995. 🤦🏻♀️🙇🏻♀️
-
Want #detections that find baddies? Join us today at 12:30 Central for #ThursdayDefensive. Register here: https://www.reconinfosec.com/thursday-defensive/
-
Great tool to work with Sigma rules and conversions to Splunk SPL, Elastic EQL and much more. This should make detection engineering comfortable.
-
The #Impact of Highly Pathogenic Avian #Influenza #H5N1 in the #USA: A Scoping #Review of Past #Detections and Present #Outbreaks, https://etidiohnew.blogspot.com/2025/02/the-impact-of-highly-pathogenic-avian.html
-
»How Democratizing #ThreatHunting is Changing #MobileSecurity: revealing 11 new #Pegasus #detections.« https://iverify.io/blog/how-democratizing-threat-hunting-is-changing-mobile-security?eicker.news #tech #media
-
Incident Response and Threat Hunting:
A comprehensive collection of Kusto Query Language (KQL) queries used in detection and threat hunting, focused on detections and digital forensics.
https://github.com/CodeByHarri/Incident-Response-and-Threat-Hunting
-
#USA, Federal and State Veterinary Agencies Share Update on #HPAI #Detections in #Oregon Backyard #Farm, Including First #H5N1 Detections in #Swine
Source: USDA, WASHINGTON, Oct. 30, 2024 – The U.S. Department of Agriculture (USDA) and Oregon state veterinary officials are investigating positive cases of H5N1 in a backyard farming operation in Oregon that has a mix of poultry and livestock, including swine. The Oregon Department of Agriculture announced on Friday, Oct.…
-
#USA, Highly Pathogenic Avian #Influenza #H5N1 (HPAI) #Detections in #Livestock, as of April 22 2024, https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
One new outbreak in cows in #Idaho.
-
#USA, Highly Pathogenic Avian #Influenza #H5N1 (HPAI) #Detections in #Livestock, as of April 21 2024, https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
-
#USA, Highly Pathogenic Avian #Influenza #H5N1 (HPAI) #Detections in #Livestock, as of April 19 2024: https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
On Apr 17, three additional outbreaks in cattle were reported in #Texas, #Kansas and #Michigan.
-
#USA, #Influenza #H5N1 #Detections in #Livestock, as of April 18 2024, https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
One new dairy milking cow farm outbreak in Michigan.
-
#USA, Highly Pathogenic Avian #Influenza #H5N1 (HPAI) #Detections in #Livestock, as of April 16 2024, https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
-
#USA, Highly Pathogenic Avian #Influenza (HPAI) #H5N1 #Detections in #Livestock, Updated as of April 10 '24 {SD & NC added}, https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
-
#USA, Highly Pathogenic Avian #Influenza (#HPAI) #H5N1 #Detections in #Livestock, Update as of April 10 '24, https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections/livestock
-
#USDA, #FDA and #CDC Share #Update on Highly Pathogenic Avian #Influenza #H5N1 virus #Detections in Dairy #Cattle, https://www.aphis.usda.gov/news/agency-announcements/usda-fda-cdc-share-update-hpai-detections-dairy-cattle
Because of the limited information available about the #transmission of #HPAI in raw #milk, the FDA recommends that #industry does not manufacture or sell raw milk or raw/unpasteurized milk #cheese products made with milk from cows showing symptoms of illness, including those infected with avian influenza or exposed to those infected with avian influenza.
-
#Avian #Influenza: #delay in rise of #detections, higher #risk still expected in upcoming months https://www.efsa.europa.eu/en/news/avian-influenza-delay-rise-detections-higher-risk-still-expected-upcoming-months
-
Happy to be back after a brief holiday!
This week I am going to be working on AD detections in ELK, cloud vulnerability stuff and more :D
-
macOS patching, vulnerability scanning, RMM clean up, and end user 2FA clean up has been the name of the game lately.
Next week will be a little more exciting. I am going to be starting to implement new detections and tools that I took notes on from Defcon!
#security #macOS #vulnerabilitymanagement #RMM #2FA #detections #defcon
-
Last night my co-authors and I turned in the final chapter's first draft for our book, Practical Detection Engineering: A hands-on guide to planning, developing, and validating threat detections. Still got a few rounds of technical reviews and copy edits but definitely a big milestone for us.
When performing competitor analysis we found that despite the numerous amazing blog posts from industry experts, there wasn't a complete book focused solely on detection engineering, so hopefully we can fill that gap for the field! The book is scheduled to release in early August and is available for pre-order on Amazon now:
https://www.amazon.com/Practical-Detection-Engineering-Confidently-detections/dp/1801076715
If you have a Packt subscription, it'll be in the eBook library too.
Thanks in advance for anyone who decides to invest in our work and check it out!
#detectionengineering #detections #threatdetection #threatintelligence #threatintel #infosec #engineering #cybersecurity #book #ebook #preorder
-
Interested in #malwareanalysis, #reverseengineering & #threatintelligence? Want to understand how and why certain malware acts the way it does?
Tanisha L Turner (@cybersecdiva on the birb site) will be leading a series of courses on lab setup, hardening your environment, & creating #detections for your own orgs to protect themselves from real malware threats. Real #malware will be analyzed in this course.
Join us on #twitch on the 28th of June at 3:30pm Pacific!
https://www.twitch.tv/brakesec/schedule?seriesID=5b9dfcf5-222d-47d4-ad9e-71d5c100349b