🎧 Episode Title:
Ask-a-Thrunter: May 2025 Recap 🐏
🗓️ Release Date:
May 2025
📝 Episode Summary
In this episode of Ask a Thrunter, we’re catching up on the best of May and making up for missing our usual THORsday slot (thanks, Broadway). We finally do proper introductions and shout out two of our favorite Dispatch posts: one on SOC personality dynamics and another on integrating AI into your hunt workflows.
We debate whether threat hunters should be using AI, share our hottest takes (and horror stories) on LLMs, and talk about risk, tooling, and practicality when bringing generative AI into real-world hunting. There's a surprise drop you won't want to miss, and we close things out with a fantastic paid subscriber Q&A from Austin that covers rule validation, detection review cadences, and PEAK framework nuances.
If you like a little chaos with your cyber, you’re in the right place.
⏱️ Episode Breakdown
00:00 – Intro & Broadway vs. THORsday
02:03 – Team introductions: Lauren, Sydney, and John
05:57 – Episode overview
07:10 – Dispatch highlights begin
07:30 – Dispatch pick: Quiet, Loud, and in the Log Files by Alex Hurtado
12:24 – Dispatch pick: AI Is My Bestie by Lauren Proehl
14:11 – Claude AI hallucinations
17:49 – Should threat hunters use AI?
19:28 – Should orgs block access to LLM tools like Claude and Copilot?
22:37 – AI integrated in supply chain
24:01 – Giveaway winner announcement
25:05 – Ask a Thrunter Q&A
26:51 – Rule and detection validation question
30:27 – Defining queries from the PEAK template question
34:16 – Detection lifecycle validation question
37:19 – Alert vs event vs incident question
39:43 – Special announcement
39:59 – THOR Supply Shop announcement – use code THRUNT20 for 20% off!
41:41 – We love Brett!
43:28 – Outro
🎤 Hosts & Guests
Lauren Proehl (Host) – Global Head of Detection & Response at a Fortune 500 financial firm. Co-founder of THOR Collective.
Sydney Marrone (Host) – Principal Threat Hunter at a major software company. Co-founder of THOR Collective.
John Grageda (Host) – Red Teamer and original member of THOR. Brings a purple team/red team lens to threat hunting. Co-founder of THOR Collective.
🔗 Resources & Mentions
🧠 AI is My Bestie by Lauren Proehl
💬 Anthropic’s report on Claude abuse by threat actors
👕 THOR Collective Merch Store – use code THRUNT20 for 20% off
🎵 THOR Collective soundtrack brought to you by ELIPSCION (Brett)
📢 Call to Action
💬 Join the THOR Collective Discord (paid subscribers get access to live Q&A)
📬 Subscribe to the Dispatch
🧵 Submit your questions for June's Ask-a-Thrunter
👕 Use THRUNT20 at shop.thorcollective.com for merch!
📬 Connect with THOR Collective
🗺️ Twitter/X: THOR_Collective
💼 LinkedIn: THOR Collective
Share this post