Audra Streetman

@[email protected]
212 Followers
339 Following
119 Posts
Senior Threat Intelligence Analyst at Splunk
Audra StreetmanMay 12, 2025
Royce WilliamsMay 12, 2025

CISA's initial email announcement reducing public-facing security products preserved RSS feeds. But the website language has been updated to drop RSS as a remaining source.

The stated reasoning ("CISA wants this critical information to get the attention it deserves and ensure it is easier to find") is ... specious at best.

Even if we stipulate that keeping the general website less noisy is a net win, they could just ... provide a different web page? And it would be trivial to also create a separate RSS feed just for the vulnerability announcements. The automation is clearly already there and would be relatively easy to modify.

The actual reasoning is different from the stated reasoning, and is left as an exercise for the reader.

Edit: Jerry is setting up an email-to-Mastodon shim here!

https://infosec.exchange/@cisareflector

... which can then be followed as an RSS feed:

https://infosec.exchange/@cisareflector.rss

#CISA

CISA Email Reflector (@[email protected])

4 Posts, 0 Following, 81 Followers · Per this notice (https://www.cisa.gov/news-events/alerts/2025/05/12/update-how-cisa-shares-cyber-related-alerts-and-notifications), CISA no longer publishes an RSS feed. Through some magic, this account will repost the contents of CISA email bulletins, which will allow you to subscribe with an RSS reader to: https://infosec.exchange/@cisareflector.rss This is not an official account. This account is maintained by @[email protected]

Infosec Exchange
Audra StreetmanApr 17, 2025
sydneyApr 17, 2025

When incidents hit, how you communicate can shape the outcome.

This week’s THOR Collective Dispatch features @audrastreetman, former journalist turned cyber intel analyst.

https://dispatch.thorcollective.com/p/how-communication-shapes-the-outcome

#cybersecurity #incidentresponse #communication #infosec #THORcollective #thrunting

How Communication Shapes the Outcome of Cybersecurity Incidents

Why the timing and transparency of messaging can make or break your incident response

THOR Collective Dispatch
Audra StreetmanApr 15, 2025
Kevin BeaumontApr 15, 2025

Wow. CVE database is in serious trouble, tomorrow.

The cyber industry as a whole is in trouble also really, it’s the elephant in the room - the collapse of the White House’s support for cybersecurity is obvious and pronounced due to widespread cutbacks.

Audra StreetmanMar 27, 2025
sydneyMar 27, 2025

✨Representation is a security issue✨
Check out this THOR Collective Dispatch on why cyber needs more women and intersectional diversity.

Read it here: https://dispatch.thorcollective.com/p/why-we-need-more-women-and-intersectional-diversity-in-cyber

#cybersecurity #dei #womenincyber #representationmatters #inclusivesecurity #thrunting #THORcollective

Why We Need More Women and Intersectional Diversity in Cyber (And How to Get There)

Representation matters in cybersecurity. Here’s why—and what we can do about it.

THOR Collective Dispatch
Audra StreetmanMar 26, 2025
Show threadKevin BeaumontMar 26, 2025

Bleeping Computer say multiple Oracle customers confirm their customer data has been stolen. Oracle continue to deny there is a problem.

https://www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/

Oracle customers confirm data stolen in alleged cloud breach is valid

Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.

BleepingComputer
Audra StreetmanMar 25, 2025
sydneyMar 25, 2025

Last week THOR Collective Dispatch covered blind purple teaming. This week? Full transparency. Red & Blue sharing every move, learning together in real time.
💜
Check it out: https://dispatch.thorcollective.com/p/purple-teaming-in-plain-sight

#purpleteaming #threathunting #thrunting #cybersecurity #infosec

Purple Teaming in Plain Sight

Why Transparency Makes You Stronger

THOR Collective Dispatch
Audra StreetmanJan 22, 2025
Registration is open for the SANS New2Cyber Summit on March 13! The free virtual event is for anyone new to #cybersecurity or looking to level up their skills. I'm presenting at 4:25pm ET about my career change from local TV news to cyber threat intelligence:
https://www.sans.org/cyber-security-training-events/newtocyber-summit-2025/
New2Cyber Summit & Live Online Cybersecurity Training | SANS Institute

Cybersecurity is a fast-growing, dynamic field and SANS mission is to equip you with the skills you need to succeed in the industry. This free live-online event brings together leading experts prepared to share their first-hand knowledge on building a successful career in the field of cyber security. This two day summit will provide you with a complete guide to getting started and access to crucial information, giving you an advantage on the competition when job searching and progressing in you cyber career.

Audra StreetmanNov 13, 2024

Threat hunters - if you haven't already, check out HEARTH (the Hunting Exchange and Research Threat Hub). It's a new, community-driven repository for hunt ideas, methodologies, and research:

https://github.com/triw0lf/HEARTH

#cybersecurity #infosec

GitHub - triw0lf/HEARTH: Hunting Exchange And Research Threat Hub

Hunting Exchange And Research Threat Hub. Contribute to triw0lf/HEARTH development by creating an account on GitHub.

GitHub
Audra StreetmanAug 30, 2024
The August Staff Picks for Splunk Security Reading blog is out with the #cybersecurity news and research we found most interesting this month:
https://www.splunk.com/en_us/blog/security/staff-picks-for-splunk-security-reading-august-2024.html
Staff Picks for Splunk Security Reading August 2024 | Splunk

Splunk security experts share their curated list of presentations, whitepapers, and customer case studies that they feel are worth a read.

Splunk
Audra StreetmanJul 24, 2024
Ep. 2 of The Security Detail is out! This week, @Lawyerliz, founder of Silver Key Strategies, discusses her research using large language models (LLMs) to analyze SEC 8-K filings and other public reporting to gain #cybersecurity insights.
https://thesecuritydetail.podbean.com/e/liz-wharton/
Ep. 2: LLM Research and CISO Liability with Liz Wharton, founder of Silver Key Strategies | The Security Detail

In episode two of The Security Detail, Audra interviews Liz Wharton, founder of Silver Key Strategies, about her research on using large language models (LLMs) to analyze SEC 8-K filings and other public reporting to gain cybersecurity insights. Liz is an attorney who has two decades of legal, public policy, and business experience, including in cybersecurity. The interview also covers the heightened liability security executives face when reporting material incidents to the US Securities and Exchange Commission (SEC).    Resources:  SURGe Minicon talks at .conf24: https://conf.splunk.com/sessions/catalog.html?search=minicon#/ Silver Key Strategies: https://silverkeystrategies.com/about-silver-key Splunk's 2024 State of Security Report: https://www.splunk.com/en_us/campaigns/state-of-security.html