Co-founder at @gravwell_io. Embedded systems, SCADA security researcher. Acme Pharm CTFer. Plays well with others.

Joined November 2012
Pinned Tweet
We didn't have an "explainer" video and run-of-the-mill animations are boring so we made this. I'd wager most of us got into this business because computers are fun and awesome. Keep the magic alive! youtube.com/watch?v=Zh76NUUm…
Corey Thuen retweeted
By learning how things worked first -- all the tedious boring bits rather than starting with the exciting stuff.
Corey Thuen retweeted
If you like hacking car ECUs, reverse-engineering software/firmware, tapping serial buses, fuzzing, or some combination of these things, DM me or email matt_at_grimm-co.com. Aerospace your thing? Medical devices? ICS and Power Grid? Endpoint-Dev? email me.
Corey Thuen retweeted
21 Apr 2022
Continuing to unpack #Gravwell "Orion" v5.0.0 is a new kit for Palo Alto Networks Next-Generation Firewall. You'll see traffic logs similar to Netflow but containing more metadata. Read an in-depth overview and see the pre-built kit dashboards here: hubs.la/Q018ySvh0
So... our new flows feature adds automation capabilities to Gravwell, but it's *very* flexible. One of our devs was asked to write a basic "hello world" example but the jackass wrote a MIPS emulator to do it instead. Respect. gravwell.io/blog/hello-world…
This is also why you should be streaming logs to a central repository.
29 Mar 2022
For anyone that's ever wondered "If I have EDR, is that enough? Do I still need separate network visibility?", below is one clear reason the answer is "yes". Endpoints are highly unreliable observers once compromised.
Corey Thuen retweeted
Gravwell engineer John consistently gathered CPU temperature data from his machine and recently applied a BIOS update. Take a look at the clear-cut before-and-after results in this brief blog post (2-min read). hubs.la/Q015BZkd0 #Ryzen7 #AMD #CPUtemp #ASRock
Stats are cool! John is monitoring his CPU temperature and shows the before&after of a BIOS update. The chart of the average temperature didn't do much, but the variance is hilarious. gravwell.io/blog/did-that-bi…
New xkcd irritates my old "log centralization that bills on EPS" scars xkcd.com/2582/
You should watch the video because it's awesome, but the tl;dr is Gravwell CE is now free for personal *and* commercial use at 1/10th of an Astronomical Unit in Bytes per day (~14gb). Embark on a Quest for Omniscience! Collect logs, create dashboards, reduce attacker dwell time.
15 Feb 2022
An exciting update from Gravwell! Watch and read more at: hubs.la/Q014b41J0 #SecOps #DevOps #ITOps #DevSecOps #Gravwell #CommunityEdition #CE
Corey Thuen retweeted
22 Dec 2021
Season's greetings from @gravwell_io! We can't wait to show you what we have planned for 2022. Have a joyful safe holiday season and a Happy New Year to all!
Corey Thuen retweeted
Want to know which applications are listening to you via your microphone? This post has you covered as we dive into Sysmon events 12-14. What's in a Sysmon Event - Windows Registry EventIDs 12, 13, 14 hubs.ly/H0-wj_J0
All data. No limits. #limitssuck
15 Oct 2021
Gravwell Guns for Splunk With Scalable Data Fusion. CEO Corey Thuen: “What we're trying to do for our customers is commoditize data science, give them the opportunity to do data fusion, and ask any question they need.” sdxcentral.com/articles/news… #DataAnalytics #Splunk @gravwell_io
Corey Thuen retweeted
Unlimited ingestion of #data at the binary level...with no limits? Let's talk about some things that make Gravwell different. Come by our booth at #blackhat in the Innovation City to chat about it. #blackhat2021 #bhusa
Corey Thuen retweeted
#blackhat2021 is kicked off! Come by our booth and snag some sweet swag, such as our high-quality playing cards! #blackhat #bhUSA
Corey Thuen retweeted
Getting geared up for #blackhat2021 with a pile of swag you won't wanna miss out on. See you at booth IC22 in the Innovation City!
Corey Thuen retweeted
29 Jul 2021
IBM/Ponemon breach cost report: On average, victims took 287 days to identify a breach and those that took longer to identify cost more. >200 days: $4.87m <200 days: $3.61m Check out this (oldie but goodie) After Action Report detailing a breach response. hubs.la/H0TlSbt0

Corey Thuen retweeted
27 Jul 2021
This is a huge week for us as we release a major product update in version 4.2 as well as unveil the all new logo and website. Founder @CoreyThuen shares a bit about the journey to get here. hubs.la/H0Tcn150
