@mdfranz with #OpenTIDE, starting or doing a POC of #DetectionOps is rather simple.
We submitted #OpenTIDE to the @defcon main conference. It’s, as some of you know, a defensive tool & the talk will therefore also be defensive, should the unlikely happen. Please, wish us luck!! #DetectionEngineering #DetectionOps
@simplenomad hmmm. Maybe they would be interested in seeing the GitLab #DetectionOps project we’ve built.

Hey if you’re one of the countless awesome folks spending your free time to understand and document threat actors or their TTPs - if you want to maximize making your work actionable for blue teams and repeatable/consistent over time, consider cloning #OpenTIDE and using it to publish your research as standardized objects! #BuildOnce

#DetectionOps

@inliniac I just asked the dev of our #DetectionOps platform #OpenTIDE to consider submitting, he built Suricata integration already a while back, iirc.

This is pretty good on why you should test your detections and options/deliberations to go through when you're considering doing it:

https://medium.com/anton-on-security/testing-in-detection-engineering-part-8-73516197d5b4

#detectionengineering #DetectionOps

Testing in Detection Engineering (Part 8) - Anton on Security - Medium

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. This blog involved one more anonymous contributor. In this…

We've attached the #FIRSTAMS2024 presentation slides of #OpenTIDE #DetectionOps at the end of the release blog https://code.europa.eu/groups/ec-digit-s2/opentide/
OpenTIDE · GitLab

Open Threat Informed Detection Engineering is the European Commission DIGIT.S2 (Security Operations) open source initiative to build a rich ecosystem of tooling and data supporting Cyber Threat Detections.

We added a short #OpenTIDE release blog with basic info, how to use it and for what and with an attempt to describe the roadmap for the tool.

https://code.europa.eu/groups/ec-digit-s2/opentide/-/wikis/Blog/%5B2024-03-11%5D-OpenTIDE-1.0-Release

#detectionengineering #DetectionOps

[2024 03 11] OpenTIDE 1.0 Release · Wiki · OpenTIDE · GitLab

If you want to know more about this #DetectionOps release, here’s the slide deck: hmmm dunno how to upload a file maybe it doesn’t support that in Mastodon, hang on
In about 2 weeks we’re releasing something you might wanna see if you like #DetectionEngineering or #threatintel or #purpleteaming or #detectionascode -> TIDeMEC which implements #DetectionOps will be released at the FIRST Symphony Amsterdam