AUTHOR

Articles by Joe Desimone

Videos

Detecting Cobalt Strike with memory signatures

Signature-based detection — especially in-memory scanning — can be a valuable detection strategy. In this blog, learn how to detect Cobalt Strike regardless of configuration or stealth features enabled with an effective false positive rate of zero.

Videos

Hunting In Memory

Threat Hunters are charged with the difficult task of sifting through vast sources of diverse data to pinpoint adversarial activity at any stage in the attack.

Videos

Hunting For In-Memory .NET Attacks

As a follow up to my DerbyCon presentation, this post will investigate an emerging trend of adversaries using .NET-based in-memory techniques to evade detection