Took Ada for a walk and pondered.

When I write detections, I start by thinking about low-level primitives and then worry about the varied motivations later. I ❤️ ATT&CK, but it seems inefficient that when we find a new adversary capability we don't map all the places it can be misused immediately. A good set of detections for OS Credential Dumping should also be capable of immediately flagging DRAM Collection.

To that end, if you're a detection engineer, start by working out which data sources matter on which systems (and make sure you're collecting them) rather than getting too het up about specific (sub-)techniques.
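The approach above, as an added worked example that is not part of the original post: a small audit that maps each low-level detection primitive to the telemetry needed to see it and to the (sub-)techniques that reuse it, then compares that against what each host actually ships. The primitive map and the host inventory are constructed for illustration; the data component names follow the ATT&CK "Data Source: Data Component" style, but the mapping of primitives to components and techniques is mine, not ATT&CK's.

```python
"""Data-source coverage audit: which detection primitives can each host evidence?

Added example, not from the original post. PRIMITIVES and COLLECTED are
constructed for illustration; the primitive -> data component mapping is
illustrative, not ATT&CK's own.
"""

# Each low-level primitive lists the telemetry needed to observe it and the
# (sub-)techniques that reuse it. One good detection on the primitive covers
# every technique in its list, which is the point of starting from primitives.
PRIMITIVES = {
    "cross-process memory read": {
        "needs": {"Process: Process Access", "Process: OS API Execution"},
        "techniques": {"OS Credential Dumping", "DRAM Collection"},
    },
    "new process from scripting host": {
        "needs": {"Process: Process Creation", "Command: Command Execution"},
        "techniques": {"Command and Scripting Interpreter", "User Execution"},
    },
    "scheduled task written": {
        "needs": {"Scheduled Job: Scheduled Job Creation", "File: File Creation"},
        "techniques": {"Scheduled Task/Job"},
    },
}

# Constructed inventory: the data components each host is actually shipping.
COLLECTED = {
    "ws-01": {"Process: Process Creation", "Command: Command Execution",
              "Process: Process Access", "Process: OS API Execution"},
    "dc-01": {"Process: Process Creation", "Scheduled Job: Scheduled Job Creation"},
}


def missing_telemetry(primitives, collected):
    """Return {host: {primitive: set(missing data components)}}, listing only
    primitives the host cannot fully evidence."""
    report = {}
    for host, have in collected.items():
        gaps = {}
        for name, spec in primitives.items():
            missing = spec["needs"] - have
            if missing:
                gaps[name] = missing
        report[host] = gaps
    return report


def undetectable_techniques(primitives, collected):
    """Per host, the techniques that no fully-evidenced primitive can flag."""
    gaps = missing_telemetry(primitives, collected)
    all_techniques = set().union(*(s["techniques"] for s in primitives.values()))
    result = {}
    for host in collected:
        covered = set()
        for name, spec in primitives.items():
            if name not in gaps[host]:
                covered |= spec["techniques"]
        result[host] = all_techniques - covered
    return result


def collection_priorities(primitives, collected):
    """Rank missing data components by how many techniques collecting them
    would unlock, summed across hosts. Ties are broken by name for stable output."""
    score = {}
    for gaps in missing_telemetry(primitives, collected).values():
        for name, missing in gaps.items():
            for component in missing:
                score[component] = score.get(component, 0) + len(primitives[name]["techniques"])
    return sorted(score.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for host, gaps in missing_telemetry(PRIMITIVES, COLLECTED).items():
        print(host, "missing:", gaps or "nothing")
    print("undetectable:", undetectable_techniques(PRIMITIVES, COLLECTED))
    print("collect next:", collection_priorities(PRIMITIVES, COLLECTED))
```

Running it shows the workstation only lacks the scheduled-task telemetry, while the domain controller cannot evidence any primitive, so its whole technique list is blind. The priority list is the actionable output: it tells you which data component to switch on next for the biggest gain in technique coverage.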

#dogops, #detection, #engineering

Sunset with Ada.

#dogops, #dogsofmastodon

Doggo got a lump of shit in her mouth and proceeded to run around like a lunatic on this morning's walk. No instructions were followed and I had to stop myself having a meltdown. Not sure how to make her understand she was naughty.

#dogops, #dogsofmastodon

Thought: CTFs for dogs?

#dogops

Tim Brown (@timb_machine) on X

Daily stand-ups are really exciting on my team. #DogOps