Dispatch Debrief: May 2025
Quiet logs, loud analysts, and AI besties. Just another month in the hunt.
May’s Dispatch is a mixtape of SOC vibes: detection layers, spreadsheet rebellions, career chaos, and a whole lot of thrunting.
Dive in, stay weird, hunt smart.
April brought chaos with a side of good vibes. Catch up on your threat hunting horoscope, a trilogy of frameworks, and deep dives into Splunk in the latest THOR Collective Dispatch newsletter.
Ask-a-Thrunter: The Recap Is Here
Join the THOR Collective Discord for exclusive access to threat hunters answering your burning questions in real-time.
Stop the Spreadsheet Madness: Visualize Your Atomic Red Team Tests with VECTR
Sick of copying and pasting test results into Excel spreadsheets? Meet VECTR, the open-source platform that organizes your offensive and defensive testing data in a way that actually makes sense, helping you prove maturity instead of just memeing your way through TTPs.
Detection-in-depth is all about having layers of detection mechanisms in place to catch adversaries at multiple stages of their attack, making sure they can't slip through the cracks of a single detection point, because the more layers, the merrier.
Every Event for Itself…Until You Run eventstats
Welcome to SPL Dispatch, where we highlight a single Splunk command. This time the focus is the eventstats command, because sometimes you need to know what's normal to find the abnormal, with example hunts for DNS beaconing and insider threat behavior. Get ready to hunt smarter, not harder!
Exploring Cybersecurity Career Paths and How They Work Together
This blog dives into different cybersecurity domains like Threat Intelligence, Threat Hunting, Red Teaming, Detection Engineering, and the SOC, emphasizing the importance of understanding the interconnected roles in cybersecurity - because teamwork makes the dream work, after all.
AI is My Bestie: Integrating LLMs Into Your Hunt Team
AI can be a helpful tool in threat hunting, speeding up the boring parts and reducing cognitive drain, but it can also be unpredictable and chaotic, so always double-check its work before hitting send.
Quiet, Loud, and in the Logfiles: The Detection Duo You Didn’t Know You Needed
Alex Hurtado breaks down the importance of introverts and extroverts in the SOC, highlighting the need for both energy economies to thrive, reminding the industry that while AI agents may be the shiny new thing, the real revolution happens with the human team members who do the hard work behind the scenes.
Making Your Hunts Matter: Introducing Threat Hunting Relevancy Factors
Threat hunting is only effective when it's relevant to your organization's reality - otherwise, you'll end up like Velma hunting for threats that have nothing to do with your business. Introducing Threat Hunting Relevancy Factors (THRF) to help guide your hunts and ensure they make a real impact.
Stay tuned for more thrunting wisdom next month.