Craig Chamberlain
randomuserid.bsky.social
Five startups, three exits, principal at QRadar, Elastic, Uptycs. Working on applying AI and ML to threat hunting. Organizer of openDR, a group of security researchers and data scientists.
https://github.com/opendr-io
I'll also be giving this talk at BSides SW about the PROTOSTAR project. Bottom line, I think AI can help us solve this, but not as a "quick fix" where we throw existing alerts at it, from existing tools. The real question is, are we solving false positives with AI, or are we just monetizing them?
November 14, 2025 at 4:15 PM
I'll be presenting the CAUSALITY intrusion prediction project for the third time at BSides Fort Myers November 15. This blog / video combination gives a brief overview of the project and the 132 correct CVE predictions it has made this year.

blog / show and tell is here: lnkd.in/ec-RH4zs
November 14, 2025 at 4:14 PM
Reading gzipped CloudTrail files from an S3 bucket directly into a data-frame is possible
October 28, 2025 at 7:17 PM
It is def getting harder to confuse the models with questions like how many legs does a dog or cat have. And they seem to be developing a lot of personality
June 26, 2025 at 11:27 PM
My neighbor runs a GC crew and hooked me up with new siding. We discovered a door to a crawlspace under my porch while they removed the old siding and now I be like:
June 1, 2025 at 12:59 PM
Here is a quick 2 minute show and tell of OpenDR, a FOSS EDR alternative in Python, simple to set up and use so it is an option in environments where agents are not a cultural fit. If you like it, please give it some stars. And tell us what you want us to add!
github.com/cyberdyne-ve...
May 1, 2025 at 6:50 PM
Let's put the CVE list in json instead of CSV, they said
we can have as many nested fields as we want, they said
json is the future, they said, it will be great
January 3, 2025 at 2:47 AM
At a Microsoft event last week, Stephen Wolfram mused that if and when it does become a sentient intelligence, it will not be quite like a human intelligence, but something else entirely.
December 21, 2024 at 8:21 PM
OK this is what I thought; CVSS scores and severity vary for extreme risk CVEs on watchlists like KEV. Which is why I don't think a focus on critical or high severity labels, and associated CVSS scores, is enough.
December 17, 2024 at 3:37 AM
Loading the 2024 CVE set into a data frame (it is bigger than it looks)
December 16, 2024 at 11:07 PM