Skip to contentStories
2026-06-06 Threat Hunting Playbook · Early June 2026 — Hunt Hypotheses, Detection Rules, and the Telemetry You Actually Need
2026-06-03 A Practical Detection Engineering Framework Used by Modern SOCs
2026-06-03 What Cloud Logs You Actually Need for Threat Hunting (And Why Most Teams Fail)
2026-06-03 How to Measure Detection Quality: Metrics Every Detection Engineer Must Track
2026-06-01 Weekly Threat Advisory: Top Cyber Adversaries May 24 – 31, 2026
2026-05-25 Weekly Threat Advisory: Top Cyber Adversaries May 18 – 24, 2026
2026-05-18 Weekly Threat Advisory: Top Cyber Adversaries May 11 – 17, 2026
2026-05-16 Living-off-the-Cloud Attack-Chain Detection: CloudTrail and VPC Flow Fusion
2026-05-16 Insider Threat Detection from VPC Flow Logs (UEBA Without Endpoints)
2026-05-16 Kubernetes East-West Attack Hunting from VPC Flow Logs
2026-05-16 Tor and Anonymizer Egress Hunting on VPC Flow Logs
2026-05-16 Cloud Cryptojacking Detection at Scale: Mining-Pool Hunting on AWS
2026-05-16 TLS Fingerprinting (JA3, JA4, JARM) for Encrypted C2 Hunting
2026-05-16 DGA and DNS-Tunnel Hunting at Scale on VPC Flow Logs
2026-05-15 Lateral Movement Detection via Graph Analysis on VPC Flow Logs
2026-05-15 Detecting Low-and-Slow Data Exfiltration with Isolation Forest + LSTM
2026-05-15 Hunting Botnet Coordination and DDoS Staging with Clustering
2026-05-15 Living-off-the-Land Kill Chain Detection with Markov Chains
2026-05-13 Adaptive C2 Beacon Detection: FFT and DBSCAN on VPC Flow Logs
2026-05-11 Weekly Threat Advisory: Top Cyber Adversaries May 04 – 10, 2026
2026-05-09 AWS Bedrock Threat Hunting: A CloudTrail Log Analysis Playbook
2025-10-22 Weekly Threat Advisory: The Most Active Cyber Adversaries October 13 – October 19, 2025
2025-10-22 Weekly Threat Advisory: The Most Active Cyber Adversaries October 06 – October 12, 2025
2025-10-08 Weekly Threat Advisory: The Most Active Cyber Adversaries Sep 29 – Oct 05, 2025
2025-10-02 Weekly Threat Advisory: Top Cyber Threats from September 22 – September 28 2025
2025-09-23 Weekly Threat Advisory: Top Cyber Threats from September 15 – September 21 2025
2025-09-23 Weekly Threat Advisory: Top Cyber Threats from September 08 – September 14 2025
2025-09-09 Weekly Threat Advisory: Top Cyber Threats from September 01 – September 07 2025
2025-09-09 Weekly Threat Advisory: Top Cyber Threats from August 25- August 31 2025
2025-08-26 Weekly Threat Advisory: Top Cyber Threats from August 18- August 24, 2025
2025-08-18 Weekly Threat Advisory: Top Cyber Threats from August 11- August 17, 2025
2025-08-10 Weekly Threat Advisory: Top Cyber Threats from August 04- August 10, 2025
2025-08-05 Weekly Threat Advisory: Top Cyber Threats from July 14- August 03, 2025
2025-08-05 Weekly Threat Advisory: Top Cyber Threats from June 16- June 22, 2025
2025-08-05 Weekly Threat Advisory: Top Cyber Threats from June 09 – June 15, 2025
2025-08-05 Weekly Threat Advisory: Top Cyber Threats from June 02 – June 08, 2025
2025-07-14 AWS Cloud Attack Summary
2025-06-17 Attack Hunting Using AWS VPC Flow Logs
2025-06-05 Weekly Threat Advisory: Top Cyber Threats from May 26 – June 01, 2025
2025-06-05 Weekly Threat Advisory Top Cyber Threats from May 19 – May 25, 2025
2025-05-21 Weekly Threat Advisory Top Cyber Threats from May 12 – May 18, 2025
2025-05-12 Weekly Threat Advisory Top Cyber Threats from May 4 – May 11, 2025
2025-04-27 Weekly Threat Advisory Top Cyber Threats from April 20 – April 27, 2025
2025-04-20 Weekly Threat Advisory Top Cyber Threats from April 14 – April 20, 2025
2025-04-14 Weekly Threat Advisory Top Cyber Threats from April 07 – April 13, 2025
2025-04-12 Hunting AWS Identity Attacks
2025-04-07 Weekly Threat Advisory Top Cyber Threats from March 30 – April 6 2025
2025-03-30 Weekly Threat Advisory Top Cyber Threats from March 24 – March 30 2025
2025-03-23 Weekly Threat Advisory Top Cyber Threats from March 17 – March 23 2025
2025-03-16 Weekly Threat Advisory Top Cyber Threats from March 10 – March 16 2025
