Paul Brodeur

@[email protected]
86 Followers
121 Following
10 Posts
blue team, people leader at a global retailer. I don’t speak for my employer.
LinkedIn profilehttps://www.linkedin.com/in/paulbrodeur
Paul BrodeurApr 3, 2025
@krypt3ia sorry for your loss
Paul BrodeurJan 19, 2023

@GossiTheDog oh, yes. As long as the data comes from only one log source, you can use rules engine. API to pull matches is straightforward, and it integrates into the major SOARs. For other more complex use cases BigQuery is required and comes with its own set of limitations.

Listen, it’s not Splunk. But it also doesn’t cost Splunk prices.

Paul BrodeurJan 19, 2023
@GossiTheDog we have the default threat intel rules disabled. We have a TI system that’s consuming chronicle data, not inside it.
Not sure if that answered your question.
Paul BrodeurJan 19, 2023
@GossiTheDog Yes. It’s good when you can get your logs accurately parsed into their UDM. While the Yara-L rules have some limitation, you can do everything else in BigQuery.
Paul BrodeurDec 3, 2022
Ron BowesDec 3, 2022

My #slides from my #hushcon #talk yesterday. Thanks everybody for coming out! It was great to see / meet y'all!

https://docs.google.com/presentation/d/1CeWI7IIIVJEmrtPkFPnUIUHns2S7gZnchmlTo3ozhEA/edit?usp=sharing

2022-12 Hushcon Seattle - Ron Bowes

Hacking Networking Gear F5 Ron Bowes - @iagox86 From CSRF to Root December 2, 2022 https://infosec.exchange/@iagox86

Google Docs
Paul BrodeurDec 3, 2022
Zack WhittakerDec 2, 2022

This week, LastPass, and its parent company GoTo, both published blog posts about their recent data breach: http://tcrn.ch/3ucMvBx

But if you search for GoTo's blog post in Google, you won't find it, because GoTo hid its breach notice from search engines using "noindex" code.

TechCrunch is part of the Yahoo family of brands

Paul BrodeurDec 2, 2022
I am at Hushcon. Say hi if you see me.
Paul BrodeurDec 2, 2022
Kelly ShortridgeDec 1, 2022

How can we waste attackers’ time, attention, and money? Can we inflict psychological damage on them? In essence, can we f*** with them for better resilience outcomes?

Yes we can! Our new paper — led by @dykstra with other fine folks — answers these questions, introducing the concept of “sludge” against attackers for systems resilience: https://arxiv.org/pdf/2211.16626.pdf

Paul BrodeurNov 9, 2022

Here’s my swing at an #introduction

I’m a Canadian living in Seattle 🇺🇸 which means I pay all the taxes but can’t vote. Might see me post about immigration or Seattle happenings.

I work as the people leader for #SOC and #DFIR and #ThreatIntel at St*rbucks. I run a fully remote team, and I’m passionate about #RemoteWork. You might see me post about vulns or public incidents or whatever else I’m worried about this week. Won’t see me post about my employer.

I’m married, and we love to travel. That content usually ends up on instagram.

I’m going to try to be more active here than I was on the bird site. #BlueTeam #infosec #sectwits