Jonathan Ticknor in security analytics
Cyber Analytics Use Case: Streaming Beacon Detection with Spark
I hope to convey two messages with this post: 1) A use case for cyber analytics that isn't DGA or phishing, and 2) A few tricks that you…
Apr 1, 2021

Jonathan Ticknor in security analytics
Quantifying the MITRE ATT&CK Round 2 Evaluation
MITRE released the results for Round 2 of their EDR evaluation scenario, this time emulating APT29. As you might have seen, nearly every…
Apr 23, 2020

Jonathan Ticknor in security analytics
ElasticPhish: Using CertStream and the Elastic Stack for Phishing Intelligence
In my previous post, A Phishing Guide: Lessons Learned on the Journey to Detecting Phishing Domains, I laid out my experience building…
Apr 30, 2019

Jonathan Ticknor in security analytics
Cyber and AI: Separating Fact from Fiction at Peak Hype
By now, we have all seen an article claiming artificial intelligence (AI) is the solution to all of our detection problems or an…
Feb 1, 2019

Jonathan Ticknor in security analytics
A Phishing Guide: Lessons Learned on the Journey to Detecting Phishing Domains
This is the first in what I hope to be a series of posts about my experiences building detection capabilities for the largest…
Jan 24, 2019