Tedi Heriyanto

Information Security

Streamlining Security Investigations with Agents

We built an agentic security investigation service to help us research alerts as part of our mission to keep Slack secure and protect our customers. Our service deploys teams of AI agents that collaboratively perform security investigations. AI agents free human analysts from tedious data gathering tasks. Over just the first quarter of their deployment, our agents have performed over 7,500 investigations, issuing over 500,000 tool calls. Our agents are enabling us to gain unprecedented real-time insight into Slack’s infrastructure in a way we could never do with human labor alone.

The Cloud-Native Detection Engineering Handbook

From a Single Log Line to a Fully Enriched Investigation Playbook

Cloud-Native Detection Engineering

A Brief Deep-Dive into Attacking and Defending Kubernetes: https://heilancoos.github.io/research/2025/12/16/kubernetes.html

#kubernetes #cloudsecurity

A Brief Deep-Dive into Attacking and Defending Kubernetes

What attackers do in Kubernetes and how to catch them.

Detection of Kerberos Golden Ticket Attacks via Velociraptor

Kerberos is a strange technology. Over the years, I’ve gone through its internal workings again and again, yet parts of it always seem to…

Medium

Why you should remove ‘ClawdBot’ (or whatever it’s called) right now: https://andreafortuna.org/2026/01/31/remove-clawdbot-now.html
Why you should remove ‘ClawdBot’ (or whatever it’s called) right now

If you’ve been keeping an eye on developer news in 2026, you’ve probably come across ClawdBot. Maybe you know it as MoltBot or the latest fork, OpenClaw. No matter what it’s called today, the story is the same: this tool has become a textbook example of how not to build and launch an open-source AI project.

Andrea Fortuna

Peeking into /proc: turning live Linux data into evidence: https://andreafortuna.org/2026/01/19/proc-filesystem

#linux #filesystem #proc

Peeking into /proc: turning live Linux data into evidence

After a long stretch of management talk and incident playbooks, it feels good to get my hands dirty again.

Andrea Fortuna

What's really slowing down your incident response: https://andreafortuna.org/2026/01/19/ir-hidden-slowdown

#incidentresponse

What’s really slowing down your incident response

Cybersecurity expert, software developer, experienced digital forensic analyst, musician

Andrea Fortuna

Incident Response is a team sport: the ‘Total Football’ playbook

I have a confession: I’m hopeless at football.

Andrea Fortuna

Glue employees hold teams together

Cybersecurity expert, software developer, experienced digital forensic analyst, musician

Andrea Fortuna