Kostas
Unintentional Evasion: Investigating How CMD Fragmentation Hampers Detection & Response
Discover how CMD command fragmentation creates security blind spots, letting attackers evade detection and complicate investigations.
1d ago

Kostas
Telemetry on Linux vs. Windows: A Comparative Analysis
A look at how Windows and Linux manage telemetry to support incident response operations.
Sep 3

Kostas
Behind the Scenes: The Daily Grind of Threat Hunter
I turned a Twitter thread into a blog post on the topic of threat hunting. This is an example of the real-world steps involved during a…
Nov 29, 2023

Kostas in InfoSec Write-ups
Understanding Red to Be Better at Blue: Navigating New CrackMapExec Updates
How to research and develop detection and hunting techniques based on new features from commonly-used penetration testing frameworks.
Sep 5, 2023

Kostas
Threat Hunting Metrics: The Good, The Bad and The Ugly
Threat hunting is a crucial aspect of information security, but measuring its effectiveness can be challenging. In this article, we will…
Aug 21, 2023

Kostas
Public Opinion Survey Results: You’re Pwned
I am starting these short-form blog posts that aim to provide insights into attackers’ actions once they gain access to a network. Although…
Jul 5, 2023

Kostas in Detect FYI
EDR Telemetry Project: A Comprehensive Comparison
Endpoint Detection and Response (EDR) products have become essential to organizations’ cybersecurity strategies. As a result, understanding…
Apr 19, 2023

Kostas in Detect FYI
Threat Hunting Series: Detection Engineering VS Threat Hunting
Threat hunting is becoming mainstream, and despite the attention it receives, many people need help to differentiate it from other roles…
Feb 21, 2023

Kostas in InfoSec Write-ups
Threat Hunting Series: Using Threat Emulation for Threat Hunting
This post will demonstrate how threat emulation can be used for threat hunting. I often use threat emulation to understand the evidence an…
Oct 10, 2022