Archive - Detection Engineering Weekly

DEW #135 - Chaos Detection Engineering, Connecting Policy to IR playbooks & Spooky AWS Policies

spooky scary detection rules keepin' me up at night

Oct 29 •

DEW #134 - Prioritizing Critical Assets, AI SOC means MORE alerts and Microsoft CoPilot Phishing

Have you tried just being 100% accurate all the time you goober?

Oct 22 •

DEW #133 - Redefining Security Visibility, TTP-First Hunting & F5 breach

we should define a standard to unite all standards

Oct 16 •

DEW #132 - Linux Rootkits Evolution, LLM Rule Evals, Oracle 0-day exploitation

༼ つ ಥ_ಥ ༽つ noo all my rootkits are obsolete ლ(ಠ益ಠლ)

Oct 8 •

DEW #131 - ❄️New EDR bypass❄️, CTI Poverty, AWS Infra Canaries & Hunting in IMDS

🫂GET IN🫂CLICK🫂HUNTING🫂NEWS🫂THREAT ACTOR HARMONY🫂DRAMA🫂RULES🫂IOC JUICERS

Oct 1 •

September 2025

August 2025

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts