Share this page!

Chris Sanders 🍯 Profile picture
Twitter logo
16 Jan, 4 tweets, 1 min read
Last week I laughed at my wife's playoff football predictions because of her reasons, but then she went 5-1. So, here are this week's predictions and her explanations...
Saturday:

Packers over Rams - "The Packers were in the Pitch Perfect movie"

Ravens over Bills - "Bills is a dumb name for a football team."
Sunday:

Browns over Chiefs - "I'm not excited about either of these teams, but there's not a lot going on in Cleveland so I feel like they need this."

Saints over Buccaneers - "Because that's the team you [I] like."
I got her bonus Kentucky vs. Auburn MBB prediction...

"You're gonna think they'll lose and spend the whole game thinking they will lose but then they'll win and you'll be relieved but not really surprised. But, they are kinda bad this year so they might actually lose."

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chris Sanders 🍯

Chris Sanders 🍯 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @chrissanders88

Chris Sanders 🍯 Profile picture
19 Jan
For threat hunting, a non-trivial amount of the work is referencing, creating, and updating system and network inventory. This doesn't get talked about enough as a skill set that someone develops. 1/
Threat hunting is all about finding anomalies that automated detection mechanisms don't find. That means manual anomaly detection, which sometimes means weeding out things that are normal. 2/
For example, let's say you discover a binary that runs in the middle of the night on a host and that's weird! So, you eventually search for the prevalence of that behavior and see it running on other hosts in that department. 3/
Read 17 tweets
Chris Sanders 🍯 Profile picture
7 Jan
I'm sad and angry about the insurrection that took place in DC yesterday. I have a lot I want to say at some point, but for now I just want to say this in case anyone following me needs to hear it...
Free and fair elections are the bedrock of democracy. While more should be done to make access to elections easier, the presidential election was fair and the results are valid.
There has been no legitimate evidence that suggests any anomalies remotely close to a scale that would overturn a decisive election result. That's after 62 failed lawsuits and multiple recounts and audits.
Read 10 tweets
Chris Sanders 🍯 Profile picture
4 Jan
I think blue team work poses a greater number of challenges than red team work (there's just so much attack surface). However, I think writing a red team report is inherently harder than writing forensic reports. 1/
In a forensic report, a story already happened and you have to tell it. It takes practice and skill to do that well, but there is less of a creative element. The analyst's burden to elicit an emotional response is smaller. 2/
The events in the report themselves have evoked emotion... pain, sadness, etc. It's not as hard to get folks to take action because they've already felt these things. 3/
Read 13 tweets
Chris Sanders 🍯 Profile picture
1 Jan
Starting 2021 off well with *perfect* mushroom risotto. 🍄 Image
Because perfect leftover risotto deserves to be made into arancini.
Image
Read 4 tweets
Chris Sanders 🍯 Profile picture
28 Oct 20
One of the things I do in my Investigation Theory course, for those willing, is work with students individually to help them learn to ask better investigative questions. For example, one student started with this Suricata rule:

1/
The task here is to start by asking a couple of investigative questions, assuming you have access to any evidence you might want. This student posed these two:

1. How long as this machine been infected?
2. How many beacons has the machine sent?

2/
In this case, the student is making some assumptions that the machine is already infected, but we don’t really know that for certain yet. The first goal should be proving or disproving the infection.

How do you do that? 3/
Read 17 tweets
Chris Sanders 🍯 Profile picture
27 Oct 20
This was something I left intentionally vague in the poll to see how people interpreted it. Namely, some interpreted as competitive within your team, others as competitive in relation to a goal/adversary. Reveals some predispositions and bias, perhaps?
Consider the example of a wide receiver. They are internally competitive with their teammates because there are only so many spots on the team and passes to catch. At the same time, they are externally competitive towards the other team because they want to win the game.
In security, I observe that internal competitiveness is often over exhibited relative to the value and external competitiveness under exhibited relative to the value.
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @chrissanders88 has new unrolls!

Check out other threads from @chrissanders88!

Read all threads by @chrissanders88