Richard Ackroyd
richardackroyd.com
@richardackroyd.com
Cyber Security | Staff Security Engineer @Ripple (fintech/crypto) | Specialised in Detection & Response 🦈 Ex @PwC
Not long ago I did a presentation for the UKCSC, and this Detection Engineering “starter pack” pointed to the resources discussed, check it out 🦈

github.com/rfackroyd/de...
GitHub - rfackroyd/detection-engineering-starter-pack: A starter pack of resources to help you get started in Detection Engineering.
July 5, 2025 at 7:49 AM
For those of you returning after a while, this is how you can make your own domain your BlueSky handle. Decent feature IMO

bsky.social/about/blog/4...
How to set your domain as your handle - Bluesky
Using a domain as your handle helps with account identity, verification, and portability. Here's how to set your domain as your handle.
November 14, 2024 at 3:47 PM
More key reading for detection engineers looking to create robust detection rules

posts.specterops.io/capability-a...
Capability Abstraction
Have you ever wondered how to assess detection coverage for a specific attack technique? Understanding capability abstraction may help!
November 14, 2024 at 3:45 PM
Also, please DM me any users you think should be on here.
Join if you are keen on talking Detection Engineering! #cyber #detection #edr #siem

bsky.app/profile/did:...
November 14, 2024 at 2:27 PM
Something for the side-project people!

This is a site that shows you SaaS, PaaS, IaaS, and other solutions with free developer tiers

free-for.dev
Free for Developers
Developers and Open Source authors now have a massive amount of services offering free tiers, but it can be hard to find them all to make informed decisions.
November 14, 2024 at 10:16 AM
Seeing more examples of malware sitting in the root of Public or ProgramData directories...

Use a regex like this to pin these down.

C\:\\ProgramData\\[^\\\/]{0,50}\.(exe|js|vbs|vbe|ps1|hta|bat)
November 14, 2024 at 9:46 AM
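
An added example, not part of the original post: the regex above run over constructed image paths, beside a variant for tuning. The variant's `C:\Users\Public` branch, case-insensitive flag and end anchor are assumptions made here, as is the use of search semantics.

```python
import re

# The regex from the post, verbatim (files directly under C:\ProgramData).
POST_REGEX = r"C\:\\ProgramData\\[^\\\/]{0,50}\.(exe|js|vbs|vbe|ps1|hta|bat)"

# Assumed variant (not from the post): also covers the root of C:\Users\Public,
# ignores case, and anchors both ends so ".json" cannot satisfy the "js" branch.
ROOT_DROP = re.compile(
    r"^C:\\(?:ProgramData|Users\\Public)\\[^\\/]{0,50}"
    r"\.(?:exe|js|vbs|vbe|ps1|hta|bat)$",
    re.IGNORECASE,
)

# Constructed sample paths, shaped like process-creation image paths.
SAMPLE_PATHS = [
    r"C:\ProgramData\svch0st.exe",             # root of ProgramData
    r"c:\programdata\update.PS1",              # same location, different case
    r"C:\Users\Public\run.vbs",                # root of Public
    r"C:\ProgramData\Vendor\Agent\agent.exe",  # nested, typical installed software
    r"C:\ProgramData\settings.json",           # extension merely starts with "js"
    r"C:\Users\Public\Documents\report.bat",   # nested under Public
]


def hits(pattern, paths):
    """Return the paths the pattern matches anywhere (unanchored search)."""
    rx = re.compile(pattern) if isinstance(pattern, str) else pattern
    return [p for p in paths if rx.search(p)]


if __name__ == "__main__":
    for label, pattern in (("post regex", POST_REGEX), ("variant", ROOT_DROP)):
        print(label)
        for path in hits(pattern, SAMPLE_PATHS):
            print("  ", path)
```

Whether the unanchored original matches `settings.json` in practice depends on whether the query engine applies the regex as a full match or a search.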
Key reading for anyone in cyber threat detection. They have really managed to crystallise the core strategy underpinning robust detection rules

center-for-threat-informed-defense.github.io/summiting-th...
Summiting the Pyramid v1.0.0 — Summiting the Pyramid v1.0.0 documentation
November 14, 2024 at 9:33 AM
Join if you are keen on talking Detection Engineering! #cyber #detection #edr #siem

bsky.app/profile/did:...
November 14, 2024 at 8:01 AM
Hey all, I am here to chat all things Security, Threat Hunting, Intelligence and Detection Engineering

Can anyone recommend some open source tools to find my Twitter following list on BlueSky?
November 14, 2024 at 7:52 AM
Quick pivoting tip - "Similar by imphash" on VT allows you to quickly identify other samples that have imported the same libraries and called the subsequent functions in the same order. #ThreatIntelligence #ThreatHunting
August 7, 2023 at 3:54 AM
*cracks fingers*

right, onto the next social media platform

hopefully this one is good for the infosec crowd
August 7, 2023 at 1:30 AM