/community-contributions

A collection of my presentations, blog posts, and other contributions to the information security community

| Date | Author(s) | Title | Type |
| --- | --- | --- | --- |
| 03/06/2024 | David French | From soup to nuts: Building a Detection-as-Code pipeline @ FIRST Technical Colloquium | Presentation |
| 01/30/2024 | David French | Getting Started with Detection-as-Code and Chronicle Security Operations | Blog |
| 12/05/2023 | David French | Detecting Suspicious Domains in Chronicle Using Entity Enrichment Data | Blog |
| 07/27/2023 | David French | From soup to nuts: Building a Detection-as-Code pipeline | Blog |
| 07/12/2022 | David French | Threat hunting in Okta logs | Blog |
| 08/04/2021 | David French (Black Hat Bio) | Black Hat Arsenal 2021: Using Dorothy to Test Okta SSO Visibility and Detection | Presentation |
| 12/08/2020 | David French | Dorothy: A tool to test security monitoring and detection for Okta environments | Blog, Presentation Tool |
| 08/21/2020 | Brent Murphy, David French | Security operations: Cloud monitoring and detection with Elastic Security | Blog |
| 08/13/2020 | David French, Neil Desai | Threat hunting capture the flag with Elastic Security: BSides 2020 | Blog |
| 08/11/2020 | Bobby Filar, David French | ProblemChild: Discovering Anomalous Patterns based on Parent-Child Process Relationships | Paper |
| 08/11/2020 | David French, Devon Kerr | How to Plan and Execute a Hunt | Presentation |
| 07/11/2020 | David French, Daniel Stepanic, Devon Kerr, Justin Ibarra, Neil Desai | Threat Hunting Capture the Flag at BSides SATX | CTF |
| 03/24/2020 | David French, Brent Murphy | Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1, Part 2) | Blog |
| 03/20/2020 | David French, Bobby Filar | A Chain Is No Stronger Than Its Weakest LNK @ BSides SLC (Video, Slides) | Presentation |
| 02/24/2020 | David French, Brent Murphy | The Elastic Guide to Threat Hunting | Book |
| 02/18/2020 | Brent Murphy, David French | Hunting for persistence using Elastic Security | Webinar |
| 12/04/2019 | David French | Ransomware, interrupted: Sodinokibi and the supply chain | Blog |
| 10/25/2019 | Bobby Filar, David French, Hyrum Anderson | ProblemChild: Discovering Anomalous Patterns based on Parent-Child Process Relationships @ CAMLIS (Slides, Video) | Presentation |
| 08/16/2019 | David French | Detecting Adversary Tradecraft with Image Load Event Logging and EQL | Blog |
| 10/09/2018 | David French | Detecting & Removing an Attacker’s WMI Persistence | Blog |
| 10/02/2018 | David French | Detecting Attempts to Steal Passwords from Memory | Blog |
| 10/02/2018 | David French | Detecting Attempts to Steal Passwords from the Registry | Blog |
| 10/01/2018 | David French | How to Setup “Cowrie” — An SSH Honeypot | Blog |
| 09/30/2018 | David French | 5-Minute Analysis of a Remote Access Trojan | Blog |
| 09/30/2018 | David French | Detecting Lateral Movement | Blog |
| 10/04/2017 | David French | Passive Reconnaissance Techniques for Your Defense @ FS-ISAC Summit | Presentation |