THOR Collective Dispatch

THOR Collective Dispatch

Home
Notes
Archive
Leaderboard
About
Detection Engineering: DIY or Die Trying
There’s a rising practice becoming the critical backbone of SecOps—and surprise, it’s not CNAPP. Sorry, unicorn Wiz.
  
Alex Hurtado
1
Break It 'Til You Make It: How to Test and Harden Your Security
Because If You Don’t Break It First, Someone Else Will!
  
John Grageda
1
Introducing HEARTH: A Community-Driven Threat Hunting Repository
Threat hunting is an art and a science.
  
Sydney Marrone
Lauren Proehl
, and 
John Grageda
Why Cybersecurity Teams Need to Break Their Own Defenses
If you’re not testing your security, you don’t have security.
  
Sydney Marrone
1
A Case for Loving Documentation
Let’s talk about the best part of cybersecurity: documentation.
  
Stacey Lokey
A DEATHCON Thrunting Workshop Overview Part 5: Model-Assisted Threat Hunting (M-ATH)
Machine learning, statistics, and HTTP events…oh my!
  
Sydney Marrone

February 2025

Exploring Splunk DECEIVE
The AI Queen bee does DECEIVE
  
Edna Jonsson
1
More Than a PowerPoint: A Manager’s View on Threat Hunting
Sometimes, you need a non-technical person.
  
Lauren Proehl
Stop Chasing Ghosts: How Five-Number Summaries Reveal Real Anomalies
Boo. No séance required.
  
Sydney Marrone
A DEATHCON Thrunting Workshop Overview Part 4: Baseline Hunting
Detecting normal versus abnormal applications in your environment
  
Lauren Proehl
See Evil, Thrunt Evil – Modelling Behaviors is a Critical Thrunting Prerequisite
In the previous THOR Collective Dispatch posts, Sydney and Lauren explored the importance of planning your way into a thrunt – especially data…
  
Jamie Williams
The Case for Thrunting
Why Thrunting Is Here to Stay
  
Sydney Marrone
© 2025 THOR Collective
PrivacyTermsCollection notice
Start WritingGet the app
Substack is the home for great culture