April was chaotic good. Here’s what you missed.

• The Threat Hunts in Our Stars

  Discover your threat hunting style based on your zodiac sign from THOR Collective Dispatch, because even hackers have horoscopes.

  By

  Lauren Proehl

• The Power of the Trio

  Get ready for a thrilling trilogy of frameworks that will revolutionize threat hunting, just like The Godfather and The Dark Knight revolutionized movies—because hunting threats requires more than just watching Netflix.

  By

  Cyb

• Because Logs Don’t Hunt Themselves - A Deep Dive into tstats

  Get ready to level up your Splunk game with SPL Dispatch, starting with a breakdown of the tstats command to speed up your searches and make data analysis way more efficient - say goodbye to slow Splunk searches and hello to thrunting with sass!

  By

  Sydney Marrone

• The Power of the Trio - Part 2

  Get ready to delve into the practical implementation of the LAYER approach with some EDR bypass conversations in the BlackBasta leaks, hunting for signed driver abuse and improving your detection game like a pro - all discussed in detail.

  By

  Cyb

• Simulate. Detect. Tune. Repeat.

  Turn annual security evaluations from box-checking to actually useful by using Atomic Red Team and MITRE ATT&CK Framework to simulate real adversary behavior and find out what your security tools are catching (or missing), and stay tuned for using VECTR to track and improve your results.

  By

  John Grageda

• How Communication Shapes the Outcome of Cybersecurity Incidents

  In the world of cybersecurity, how a company communicates during a breach can make or break its reputation in the long run - honesty, transparency, and empathy are key, while downplaying, blaming others, and using technical jargon should be avoided like the plague.

  By

  Audra Streetman

• Measuring the Hunt When You Find “Nothing”

  Selling threat hunting isn't just about finding baddies, it's about proving value with real metrics, not vanity stats or warmed-over SOC KPIs - show your work to thrive, grow, and get the support your team needs, because no one funds vibes.

  By

  Lauren Proehl

• The Model(s) of D.E.A.T.H & Thrunt

  Having experience in different thrunting team models is crucial, whether you're a Unithrunt in a smaller organization or part of a dedicated Thrunt team in a larger organization, because there is no one-size-fits-all approach to organization structures in threat hunting and detection engineering.

  By

  The Cy Fox

• Z-Scoring Your Way to Better Threat Detection

  Learn why you should care about standard deviation and Z-scores, because finding anomalies in your data is way more exciting than predicting "normal" all day, every day.

  By

  Sydney Marrone