Dispatch Debrief: October 2025
Seven Dispatch drops that prove hunting smarter beats hunting harder.
October delivered AI agents, time mastery, and a few purple team curveballs. From scaling hunts like code to aligning GRC with threat-informed defense, this month’s Dispatch lineup hit every layer of the stack.
Ask-a-Thrunt3r: September 2025 Recap 🐏
THOR Collective celebrates 2,000 Dispatch subscribers and dives into the art and science of baselining. The crew also explores the future of collaborative hunting with Git repos, Jupyter notebooks, and AI assistants.
By Lauren Proehl
Agentic Threat Hunting, Part 2: Starting a Hunt Repo
Treat hunts like code. Store hypotheses, queries, and results in a GitHub repo to scale, automate, and learn from every iteration. Pair it with AI (safely) to level up your hunting game.
By Sydney Marrone
The Shape of Time: Mastering timechart
Time tells the truth. Visualize anomalies, track automation, and spot exfil in motion using Splunk’s timechart command.
By Sydney Marrone
Hunting Beyond Indicators
IOCs change. Behaviors don’t. Pivot your hunts toward adversary TTPs to uncover the unknown and stay ahead of shapeshifting threats.
By Sam Hanson
Sliver Armory in Action: Bringing Sliver Armory BOFs to Purple Teaming
Use Sliver Armory BOFs for realistic, stealthy purple team exercises. Run payloads in-memory and emulate adversaries without leaving artifacts behind.
By John Grageda
Aligning Risk Management and Threat-Informed Defense Practices (Part 1)
Bridge the gap between GRC and threat-informed defense. Align risk frameworks with detection priorities to strengthen collaboration and real-world readiness.
By Micah VanFossen
From the Fire: Q3FY25
Deepfake execs, MFA bombing, and QR code attacks defined the quarter. Watch for anomalies in video calls, pushes, and inboxes—because psychology is the new payload.
By Lauren Proehl
Stay tuned for more thrunting wisdom next month.



