security analytics
Musings of a security data scientist
Cyber Analytics Use Case: Streaming Beacon Detection with Spark
I hope to convey two messages with this post: 1) A use case for cyber analytics that isn’t DGA or phishing, and 2) A few tricks that you…
Jonathan Ticknor
Apr 1, 2021
Quantifying the MITRE ATT&CK Round 2 Evaluation
MITRE released the results for Round 2 of their EDR evaluation scenario, this time emulating APT29. As you might have seen, nearly every…
Jonathan Ticknor
Apr 23, 2020
ElasticPhish: Using CertStream and the Elastic Stack for Phishing Intelligence
In my previous post, A Phishing Guide: Lessons Learned on the Journey to Detecting Phishing Domains, I laid out my experience building…
Jonathan Ticknor
Apr 30, 2019
Cyber and AI: Separating Fact from Fiction at Peak Hype
By now, we have all seen an article claiming artificial intelligence (AI) is the solution to all of our detection problems or an…
Jonathan Ticknor
Feb 1, 2019
A Phishing Guide: Lessons Learned on the Journey to Detecting Phishing Domains
This is the first in what I hope to be a series of posts about my experiences building detection capabilities for the largest…
Jonathan Ticknor
Jan 24, 2019