Ryan Kazanciyan
Chief Product Officer ; Mandiant & PwC alumnus. Co-author of Incident Response & Computer Forensics, 3rd Ed (2014). Tech consultant for S2 & S3.
1,530 Tweets | 185 Following | 4,387 Followers
Tweets
Ryan Kazanciyan retweeted
Black Hat Oct 10
New Briefing from Ryan Kazanciyan () examines the emergence of software supply chain compromises, factors incentivizing attackers to adopt this approach & practical approaches to risk mitigation & defense enterprises can take in response
Ryan Kazanciyan Oct 3
Thanks to for inviting and me to present during this year’s retro talks! Great to have the opportunity to revisit our PowerShell research from 2014-2015.
Ryan Kazanciyan retweeted
𝓙𝓪𝓶𝓲𝓮 𝓛𝓮𝓿𝔂 💻 Aug 8
Some trivia: Did you know that Cygwin had a driver to expose memory on XP/2003 systems that mapped it as /dev/mem back around 2007-9ish? They discontinued sometime after Vista came out. I taught at Queens College using “sampling” with Cygwin and back then
Ryan Kazanciyan retweeted
Barack Obama Jun 8
“Low plastic stool, cheap but delicious noodles, cold Hanoi beer.” This is how I’ll remember Tony. He taught us about food — but more importantly, about its ability to bring us together. To make us a little less afraid of the unknown. We’ll miss him.
Ryan Kazanciyan retweeted
Scott Hanselman Apr 18
Replying to @shanselman
THIS IS NOT INTUITIVE. I WANT TO BE SECURE BUT YOU WON'T LET ME BE GREAT YOU RIDICULOUS BUNCH OF SECURITY WONKS
Ryan Kazanciyan retweeted
John Lambert Apr 8
If you think VirusTotal is mostly a malware repository, this presentation by will blow you away. The slides are finally public. 1⃣ article: 2⃣ Slides: 3⃣ Thread:
Ryan Kazanciyan retweeted
dave hull Mar 24
I need to check this out, sounds like fun.
Ryan Kazanciyan retweeted
Thomas H. Ptacek Mar 23
Replying to @tqbf
When we did Microcorruption, hardcore gamedevs dominated the leaderboard. Comparable skill requirements between low level security and serious gamedev. The industry they work in is one of the most abusive in all of tech.
Ryan Kazanciyan retweeted
Eva Mar 22
“No state actor would be this stupid.” Oh, let me sing you the song of my people. Nation states don’t always bring their A game, and the logs are littered with the traces of dumb things they’ve done.
Ryan Kazanciyan Mar 21
Replying to @williballenthin
hah! Oslo?
Ryan Kazanciyan retweeted
Howard Oakley Mar 19
macOS Unified log: 1 why, what and how
Ryan Kazanciyan retweeted
David Longenecker Mar 15
For a few months and I have been questioning each other about obscure event IDs and use cases. Out spilled a new Windows Advanced Logging Cheat Sheet, to supplement his excellent original Windows Logging Cheat Sheet:
Ryan Kazanciyan retweeted
elastic Mar 15
Relive the excitement of the presentation from the keynote. Watch demonstrate how his team depicts realistic hacks and how played a pivotal role in the story.
Ryan Kazanciyan retweeted
Oliver Smith Mar 15
Part 1 of our article, Signal the ATT&CK, is available now. Read all about building a near real-time detection capability using Signals — based on ’s adversarial tactics, techniques and common knowledge
Ryan Kazanciyan retweeted
Matt Graeber Mar 4
Replying to @_mhastings_ @ryankaz42
And I also finally got around to looking at and 's great "DSCompromised" slides (). Turns out, they were using the DSC Script Resource before it was cool. 😍
Ryan Kazanciyan Feb 27
Replying to @tim_roes @elastic
Thank you so much!
Ryan Kazanciyan Feb 27
Replying to @taosecurity @elastic
It was used to deploy patches to the Unix-based power management systems in the opening shots of episode 2
Ryan Kazanciyan retweeted
elastic Feb 27
Remember when we fought the Dark Army with ? dives into how the magic happened, live at ! (But catch up at )
Ryan Kazanciyan Feb 27
Thrilled to share the keynote stage at to present a behind-the-hacks look at , and how we wove and other tech (including Tanium!) into the show.
Ryan Kazanciyan retweeted
John Lambert Feb 15
What if you could run a benign on your network and understand and visualize propagation? is doing just that for a client and publishing the results (with permission). Fascinating. Link to blog post here: