toryc
toryc.bsky.social
Detection & Response, Digital Forensics, SOAR, Information Security, Golang, Python
Reposted by toryc
🎉 It's Christmas in July!

We raised $4M to make proactive macOS security scalable for everyone.

Workshop is the first commercial platform built for Santa. Finally making allowlisting usable at scale.

Thanks to A16Z & everyone who's believed in our mission.
July 30, 2025 at 1:39 PM
Reposted by toryc
sure, everybody hates snake oil — until their snake starts squeaking
December 15, 2024 at 1:04 PM
Reposted by toryc
Why should security folks study software engineering (i.e. the practice of writing software in/with other teams over a long period of time)?

Managing software is really about managing *complexity* and untamed complexity is highly correlated with poor security. Try to address both at the same time.
November 30, 2024 at 3:34 PM
Reposted by toryc
@volexity.com’s latest blog post describes in detail how a Russian APT used a new attack technique, the “Nearest Neighbor Attack”, to leverage Wi-Fi networks in close proximity to the intended target while the attacker was halfway around the world. 
 
Read more here: www.volexity.com/blog/2024/11...
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that led to one of the most fascinating and complex incident investigations Volexity had ever w...
www.volexity.com
November 22, 2024 at 2:58 PM
Reposted by toryc
BlueTeamOps has published a new project named LOLESXi (Living Off The Land ESXi).

The project lists binaries and scripts that are natively available in VMware ESXi that have been used by threat actors in their attacks in the past.

lolesxi-project.github.io/LOLESXi/
October 1, 2024 at 11:54 AM
Reposted by toryc
Heads up! On October 11 we ship curl 8.4.0. We cut the release cycle short for this "emergency release" with a fix for a severity HIGH CVE (and one LOW). Buckle up. And my apologies for this inconvenience.
October 3, 2023 at 7:13 AM
Reposted by toryc
Picard management tip: When you've gotten enough sleep, an impossible task becomes an interesting challenge.
August 27, 2023 at 9:04 PM
So much capability goes unutilized, simply because Open Source Software doesn't have a marketing department.
August 6, 2023 at 4:53 PM
Reposted by toryc
Hearing disturbing rumors that some of these protestors on the picket line are professional actors
July 18, 2023 at 10:16 PM
After finishing a podcast discussing Open Source Golang development, I decided to check the dates for DFRWS this year.

It ended today 🫠
July 12, 2023 at 7:12 PM
What's up?
July 8, 2023 at 2:22 PM