All of my long-form thoughts on programming, leadership, product design, and more, collected in chronological order.
An academic paper exploring the application of agentic AI systems to detection engineering, presenting frameworks for building autonomous security systems that can reason, adapt, and improve over time.
A comprehensive guide exploring how agentic frameworks can transform detection engineering workflows through autonomous AI agents that dynamically gather evidence, reason, and adapt their behavior.
An in-depth look at the current state of detection engineering at Elastic Security Labs, covering advancements in threat detection, rule development, and the integration of AI-driven approaches.
Exploring an innovative approach to identifying detection gaps by detonating C2 beacons in controlled environments to validate and improve security detection capabilities.
Elastic Security Labs discusses detection and mitigation strategies for vulnerabilities in the CUPS printing system, which allow unauthenticated attackers to exploit the system via IPP and mDNS, resulting in remote code execution (RCE) on UNIX-based systems such as Linux, macOS, BSDs, ChromeOS, and Solaris.
Improving detection engineering with Elastic`s DEBMM.
At Elastic, we`ve built enablers from soup to nuts for you to begin rolling your own Detections as Code with Elastic Security. These features are now in Beta!
Explore How Elastic`s New LLM Security Strategies Enhance Detection, Standardization, and Protection Across the LLM Ecosystem.
Exploring Elastic`s innovative approach for integrating security into the lifecycle of LLMs to safeguard against vulnerabilities featuring Elastic`s AI Assistant.
Elastic Security Labs is releasing an initial analysis of the XZ Utility backdoor, including YARA rules, osquery, and KQL searches to identify potential compromises.
ES|QL is Elastic`s new piped query language. Taking full advantage of this new feature, Elastic Security Labs walks through how to run validation of ES|QL rules for the Detection Engine.
Learn more about how Elastic Security Labs has been focused on accelerating our detection engineering workflows by tapping into more generative AI capabilities.
Now that chatGPT is here, how will it shape the security industry? Here are ideas to illustrate ambitious applications of ChatGPT to improve detection, response, and understanding pulling together the new LLM provided by OpenAI and Elastics detection engine.
Detection engineering is one of the most fun threat-centric opportunities at Elastic. Here is a sneak peek of some tools we use for all you enthusiastic detection engineers and cybersecurity researchers eager to get in the game!
After almost a month away, I’m excited to start a new chapter as an Elastician! I haven’t traditionally been one to openly share, but time over the pandemic became a catalyst to grow and understand what the most important things in life were to me.
Back in 2021, I played around with GPT-3. For historical purposes, here are the type of responses, just in case something better comes along in the future (cough cough chatgpt).
