Detection Engineering
List of detection engineers, threat detection analysts and intelligence folks who post useful information for detection engineering!
Created by
@techy.detectionengineering.net
@cyb3rops.bsky.social
Placeholder profile: https://x.com/cyb3rops | glad to be in this respectful safe space | vi/vim
@nasbench.bsky.social
Detection @Splunk | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
@amitaico.bsky.social
personal website @ cloudcurio.us ✦ researching @ Wiz Security (threats.wiz.io) 🐞 maintaining @ cloudvulndb.org 🎙️ podcasting @ cryingoutcloud.io 🗺️ pivoting @ Pivot Atlas (gopivot.ing)
@lennart.0x58ed.com
Building @nzyme.org // Leichtes Wirkmittel 30+ Houston, TX, USA KJ5KRF
@dprkcert.bsky.social
Official Computer Emergency Response Team (CERT) for the Democratic People's Republic of Korea #NorthSide #NorthKoreaBestKorea
@frichetten.com
Staff Security Researcher @datadoghq | DEF CON/Black Hat USA main stage speaker | he/him | OSCP OSWE | I turned hacking AWS into a career | Tweets are my own | Created https://hackingthe.cloud
@phillipwylie.bsky.social
Offensive Security Professional | Phillip Wylie Show Podcast Host | The Pentester Blueprint coauthor | TribeOfHackers Red Team | https://linktr.ee/phillipwylie
@jonny-johnson.bsky.social
Principal Windows Security Researcher @HuntressLabs | Windows Internals & Telemetry Research
@whit.zip
lead solutions architect @limacharlie.io / co-founder @digitaldefenseinstitute.com / co-founder Recon InfoSec ♥♥♥ == @eric.zip, nerdery, rainbows, sweatpants she/her | mama of 3 | 🤍🙏🌿🌈🍄 unicorns.lol https://short-stack.net whitneychampion.com/portfolio
@hgb.crowstrike.zip
DE&TH I like playing with malware, writing Sigma rules, and hoarding combo lists.
@infosecb.bsky.social
Threat Detection Engineer @ Klaviyo | Detection & Response | Security Automation | macOS Security | Maintainer of awesome-detection-engineering, LOOBins infosecb.com https://github.com/infosecB
@n-burns.bsky.social
Senior Detection Engineer and Threat Hunter @ Autodesk https://medium.com/@nburns9922 Opinions are my own (of course)
@jorgeorchilles.bsky.social
SANS Principal Instructor & Author #SEC565 | #RedTeam | #PurpleTeam | #PenTest | #C2Matrix Creator | ATT&CK & Atomic Red Team Contributor | Published Author
@mag00.bsky.social
Security person. Formerly @ Federal Reserve, FB, Coinbase. See Starting Up Security @ http://scrty.io
@stvemillertime.bsky.social
threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, ics/ot + cyber physical intel, and of course all things #yara
@b-levene.bsky.social
Head of Threat Informed Defense @Google Cybercrime Specialist Adjunct Professor at Johns Hopkins School of Advanced International Studies Alperovitch Institute Meme Fiend Aka “BLove”
@likethecoins.bsky.social
@malwareindepth.com
Malware Researcher | Developer | @Cryptolaemus1 | @NVIDIA Will happily talk about malware with anyone.
@rmogull.com
Cloud security, hacker, run/bike/drown, TK11940 in the 501st, itinerant disaster paramedic, private pilot, and other stuff. @rmogull on Signal SVP of Cloud Security at FireMon. CEO of Securosis. Both totally made up titles. https://slaw.securosis.com
@mattjay.com
Friendly neighborhood cybersecurity guy | expect infosec news, appsec, cloud, dfir. | Long Island elder emo in ATX. vulnu.com <- sign up for my weekly cybersecurity newsletter
@mccune.org.uk
Security geek, Containers, Kubernetes, Golang/Ruby, hillwalking Home Page :- https://www.mccune.org.uk Blog:- https://raesene.github.io
@n0x08.bsky.social
Network Security | Hacker | WIRED25 2020 | CTI-League Founder | Security Researcher
@oxley.io
Amazon/AWS Threat Intelligence. @CitizenLab.ca Research Fellow. Former federal agent. Fan of space, books, technology, and Mother Nature🌪️. Personal account. 🇺🇸 🇺🇦 🇹🇼 #ThreatIntel Storm chasing: https://bsky.app/profile/wxdox.com
@selenalarson.bsky.social
cyber, dogs, sports, memes. she/her. podcaster. "bluesky's humblest resident nailfluencer 💅" - Jerry my heart is in the west 🌵🌊
@jason-trost.bsky.social
Senior Staff Engineer at Databricks focused on Threat Detection / Security / ML / Data. Formerly Dept of Defense, Booz Allen, Endgame, Anomali, CapitalOne, HSBC
@matterpreter.bsky.social
Red team guy gone purple at Prelude💜 | Author of Evading EDR http://nostarch.com/evading-edr 📖 | Security research & windows internals 🦠
@ajking.io
Threat Research at SnapAttack now part of Splunk now part of Cisco / Detection Engineering / Dad | #DetectionEngineering #ThreatHunting #PurpleTeam | Header art from http://art.vx-underground.org.
@hexacorn.bsky.social
Red Brain, Blue Fingers Malware Analysis, Reverse Engineering, Threat Hunting, Detection Engineering, DFIR, Security Research, Programming, Curiosities, Software Archaeology, Puzzles, Bad dad jokes https://www.hexacorn.com/blog/ hexacorn@infosec.exchange
@kostastsale.bsky.social
@thedfirreport.bsky.social | Sharing insights in #ThreatIntel, #malware, #IR & #Threat_Hunting. Opinions are mine only! 🇬🇷🇨🇦
@mthcht.bsky.social
Threat Hunting - DFIR - Detection Engineering 🐙 https://github.com/mthcht 🐦 https://x.com/mthcht 📰 https://mthcht.medium.com
@mattreduce.com
🔍 Detection & Response, CTI @ HashiCorp ✍️ CTI newsletter and blog @sourcesmethods.com
@christophetd.fr
Cloud and container security • Security research and open source at Datadog 🇨🇭🇫🇷 https://christophetd.fr
@cyb3rmonk.bsky.social
https://academy.bluraven.io Threat Hunting & Research, Detection Engineering | Microsoft Security MVP #KQL #DFIR #DataScience All is one. Opinions are my own http://posts.bluraven.io https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection
@signalblur.bsky.social
Cloud Security Researcher Founder of https://magonia.io #Cloud #Container #NSM #Malware #CTI #ThreatIntel UFO Enthusiast Opinions are my own. He/Him
@siigil.bsky.social
Security Researcher @ Datadog. 🐶 Head in the (Azure) clouds. Sometimes blogging, always curious. Aim to be, rather than to seem. Blogs at https://kknowl.es.
@securepeacock.bsky.social
I find weird things on networks. #PurpleTeam | Ex Raytheon MSSP, SCYTHE, & GD | Taught at BlackHat & DEFCON | #100DaysofSigma | Keep exploring, keep learning, and stay curious.
@eric.zip
- Dad of two <3 - Co-founder Recon InfoSec - SANS DFIR Instructor - BlackHat Trainer - IANS Faculty - Trainer @digitaldefenseinstitute.com - Blog: https://blog.ecapuano.com - ⬡ ODESZA, Lane 8, Kasbo 🎧 - ❤ @whit.zip
@alex.leetnoob.com
I’m just a girl who lives in Vegas & likes cloud malware, idk anymore.
@pivotcon.bsky.social
Threat Research Conference in Malaga, Spain, 7-9 May 2025 #StayTuned #ComingSoon #PIVOTcon #PIVOTcon25 https://pivotcon.org
@philofishal.bsky.social
macOS security researcher espousing no one's opinions but my own. Dogged follower of #lufc, at least until the world stops going round (IYKYK). philastokes.com
@aaroncti.bsky.social
Founder @perspectiveintel.bsky.social - Helping small businesses make sense of cyber threats. Author of Cyber Threat Intelligence: The No-Nonsense Guide for CISOs & Security Managers. Training at Kase Scenarios! Exec/Webinars @osint-community.bsky.social
@threathuntergirl.bsky.social
Friendly Neighborhood CTI Analyst | Children’s Book Author | Lego builder | Gamer | She/Her
@sleuthcon.bsky.social
SLEUTHCON is returning June 6th, 2025 in Arlington, VA! Join us in-person or virtually. 🎟️ Grab your tix now! | https://www.sleuthcon.com
@gleeda.bsky.social
@volatilityfoundation.org Core Dev | Art of Memory Forensics co-author | DFIR trainer and enthusiast | Director of Adversary Tactics @huntress.com
@cyberwarcon.bsky.social
CYBERWARCON is a one-day conference in Arlington, VA focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. cyberwarcon.com
@jroosen.bsky.social
SpyCloud - Director of Security Research, Cryptolaemus Coordinator, Emotet(Ivan)/QBot(Boris) Destroyer, gold prospector & former sysadmin.
@nixonnixoff.bsky.social
Chief Research Officer @ Unit 221B most reliable way to reach me is my company's outreach form on the website my other urls: https://infosec.exchange/@nixonnixoff https://www.linkedin.com/in/allison-nixon-81822124/ don't bother contacting me on twitter
@pylos.co
Threat Intel / CTI / OT / ICS / Critical Infra stuff along with other things. I genuinely care, and wish others did too. Website: pylos.co Training/Consulting: paralus.co
@jags.bsky.social
Executive Director for Intelligence and Security Research @ SentinelOne. Distinguished Fellow and Adj Professor @ Hopkins SAIS Alperovitch Institute. Three Buddy Problem Co-Host. LABScon Founder, Cyber Paleontologist, Fourth-Party Collector.
@ransomwaresommelier.com
Recorded Future - Ransomware Researcher Owner @greenarcher.io - Yours Truly, Johnny Dollar | The Press Guardian | The Clock | The Green Archer Weird mix of security, comics, photography and wine! www.greenarcher.io
@silascutler.bsky.social
You may know me from your server logs. Malware, Hacks, Internet Scanning, CTI w00w00, Censys, IST
@hegel.bsky.social
Distinguished Threat Researcher, Research Lead @SentinelOne. Advisor with @ValidinLLC. https://tomhegel.com/blog.html
@bushidotoken.net
🇬🇧 | Senior Threat Intelligence Advisor at Team Cymru | Co-author SANS FOR589 | Co-founder Curated Intel
@craiu.bsky.social
Romanian antihacker from another planet. #threatintel #yara #chess #taekwondo black belt Motto: "One reboot a day keeps the implant away"
@malwaretech.com
Cybersecurity person, ok at computers, one time domain buyer. https://marcushutchins.com
@malwarejake.bsky.social
Breaker of software, responder of incidents, IANS Faculty, VP R&D Hunter Strategy, Supreme Allied Commander of ANTIFA.
@hacks4pancakes.com
I am eminently qualified to speak from experience about a variety of dumpster fires. ICS DFIR at Dragos, martial artist, marksman, humanist, level 14 Neutral Good rogue, USAF retired. I post *very serious* things about infosec. Thoughts my own. Enby. 🏳️‍🌈
@cjunky.bsky.social
Ramblings of a Mad Englishman: Hacker @ BBC's Real Hustle & Mr Robot. Head of Sec @ DEF CON. Founder @ CTI-League, Ransomware Taskforce, w00w00, CDC NSF, (He/Him). Also Twitter @marcwrogers Mastodon cj@chaos.social
@doublepulsar.com
cybersecurity weather person. @gossithedog before Elon ruined everything
@hultquist.bsky.social
Mandiant Intelligence at Google. CYBERWARCON and SLEUTHCON founder. Johns Hopkins professor. Army vet.
@techy.detectionengineering.net
Creator of Detection Engineering Weekly (https://detectionengineering.net), Sec Research/Intel/Detection @ Datadog