Steve Cooper
blueteamsteve.bsky.social
Cyber security, detection engineering, threat intelligence, SecOps and automation AI/ML. Scottish.
Nice, had not seen that one before. I like the hand drawn look!
November 29, 2024 at 1:41 PM
Nah, my bad, thought you were subtweeting something! It's a nuanced subject for 240 chars!
November 29, 2024 at 11:54 AM
My comment was in relation to the paper that has been recently shared around social media. I think you’re right that it’s about outcomes not metrics.

www.computer.org/csdl/proceed...
November 28, 2024 at 3:03 PM
Saw a study saying the same. Not sure I agreed with their methodology.

Very hard thing to measure since major incidents are a sparse dataset in single companies. Even meta-analysis is difficult because extracting only the impact of phishing training out of an entire transformation program is impossible.
November 28, 2024 at 1:52 PM
I use and like both but lean towards Windows these days. Better UI and window management, file management, games.

Mac did make using Linux tools, Docker and DevOps tooling easier. However, WSL solves that now.

I still like my M1's battery life and cool running! M4 Max looks awesome for local LLM too!
November 22, 2024 at 8:08 PM
Good blog!

All comes down to really understanding your org, data and use case. And expectations on recall versus precision.

Also, not every use case needs to run hourly. Longer windows and schedules may actually be better for analytics-focused detections and avoid the lag problem entirely.
November 21, 2024 at 2:05 PM
Someone really has the knives out for Google!

Feels destructive and lacking clear understanding of the market. Search is about to get disrupted big time.
November 21, 2024 at 1:33 PM
Yeah, vital to have good knowledge of search languages. Most big orgs will be Splunk SPL or Sentinel KQL.

Sigma and uncoder.io are great!
November 13, 2024 at 10:38 AM