detection 36

• Less panic patching, more precision May 28, 2026
• Grading on a curve: How to assess a pentest May 28, 2026
• From Exploit Code to Production Detection: Building a CVE-2026-31431 (Copy Fail) detection with Agents May 28, 2026
• Investigating suspicious AI workflows in Microsoft Entra Agent ID: Autonomous agents May 27, 2026
• Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake May 27, 2026
• How to detect HTTP/2 abuse in Apache web server logs May 27, 2026
• Remove SPNs and Fix Kerberoasting May 24, 2026
• Paved With Intent: ROADtools and Nation-State Tactics in the Cloud May 22, 2026
• Investigating server compromises with cgroups: A Linux DFIR primer May 13, 2026
• Nuclei Templates - April 2026 May 12, 2026
• State-sponsored actors, better known as the friends you don’t want May 12, 2026
• Slamming the Door on Quick Assist Tech Support Scams and Abuse May 12, 2026
• Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools May 11, 2026
• Hunting ClickFix Win + X Variants May 8, 2026
• Open-Sourcing 140+ Weaponisable File Type Samples: Test What Your Defences Actually Block May 6, 2026
• Insights into the clustering and reuse of phone numbers in scam emails May 6, 2026
• The Defensive Stack is Exposed: LLMs, Reverse Engineering, and the End of Opaque Defense May 5, 2026
• AWS Security Digest #259 - Better late May 4, 2026
• Tuned by Design: Why Detection Engineering Needs Its Own Development Lifecycle May 2, 2026
• Essential Data Sources for Detection Beyond the Endpoint May 1, 2026
• The Life-Dinner Principle in Detection May 1, 2026
• Identifying and containing a data breach Apr 23, 2026
• Detection Visibility Metrics Apr 21, 2026
• Spotting CI/CD misconfigurations before the bots do: Securing GitHub Actions with Datadog IaC Security Apr 17, 2026
• Identity, browsers, and node.js: Everything you missed in the Threat Detection Report miniseries Apr 16, 2026
• Detect runtime threats in Python Lambda functions with Datadog AAP Apr 15, 2026
• Validating Browser Defences with Push Security and delivr.to Apr 13, 2026
• From the field to the report and back again: How incident responders can use the Year in Review Apr 10, 2026
• The threat hunter’s gambit Apr 10, 2026
• CI/CD security: How to secure your GitHub ecosystem Apr 9, 2026
• CI/CD security: threat modeling using a MITRE-style threat matrix Apr 9, 2026
• AI in cybersecurity: The good, the bad, and the FUD Apr 9, 2026
• Year in Review: Vulnerabilities old and new and something React2 Apr 8, 2026
• PrivEsc: Abusing the Service Control Manager for Stealthy & Persistent LPE Apr 8, 2026
• Introducing MacNoise! Apr 8, 2026
• Building a Detection Foundation: Part 5 - Correlation in Practice Apr 8, 2026