Discover and read the best of Twitter Threads about #detectrum

Most recents (2)

Everyone has diff vernacular for their models and ideas, but I define detection on a spectrum, where logic for the purpose of finding evil is measured by output fidelity, result set size, time/expertise requirements for review, and most importantly, “threat density.” #detectrum
The #detectrum is just a mental model for me, a way to explain the different intents and purposes for all sorts of logic and technologies and haystacks that help us find and attribute intrusion activity.
It’s not novel or special, but the detectrum can be helpful when you are examining the complex systems (people, processes, myriads of technologies) within a large intelligence apparatus.
Read 12 tweets
You may not think attribution matters, but I think attribution is also on the detection spectrum, or #DETECTRUM. I'm trying to think about it as layers of additive traps that enable us to hedge our bets for visibility, resilience in detection, sometimes to figure out who dun it.
I think the #DETECTRUM can be used to model both inputs and outputs of the detection engineering process - whether you're plotting "logic designed to find evil," alerts, the tech, or the or the data itself. The graphs might look a bit different, but same ideology might be useful
See also this thread and this thread:



and there's plenty of commentary on the #detectrum as well

Read 4 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!