Jared Atkinson

Thoughts on Host-based Detection Techniques

Introduction

A few weeks ago I released a post that described our methodology for creating behavior-based detections for attack techniques chronicled in the MITRE ATT&CK Matrix. I think the concept of what a “detection…

Host-based Threat Modeling & Indicator Design

Detecting Zeroaccess Trojan’s abuse of NTFS Extended…