Joined October 2010
Pinned Tweet
12 Apr 2022
MSTICPy Pluralsight Training Delighted to announce "Threat Intelligence with MSTICPy" course released by @pluralsight. Using notebooks to investigate 3 #mitreattack techniques. pluralsight.com/courses/thre… #msticpy
🎉 Announcing MSTICPy 3.0 🚀 A big step for our Python threat hunting library. (also passed the 1M downloads - currently 1.3M)!🍾 Release 3 is mainly a cleanup release, new Py version support, clearing out old junk. But new features also. See details: github.com/microsoft/msticpy…
25 Sep 2025
MSTICPy v2.17.0 released
- new RRCF outlier detection
- AWS extension for Prisma Cloud AWS
- Update Defender Auth to OAuth v2 and fix bugs
- Python 3.12 support
More details here github.com/microsoft/msticpy… @msticpy
Ian Hellen retweeted
26 Mar 2024
MSTICPy 2.11.0 released
This minor release includes:
- Better handling of large/split queries for MS Sentinel
- Updated support for installing MSTICPy in a Conda environment
- Updates for future pandas support
github.com/microsoft/msticpy…
Ian Hellen retweeted
🌟Happy to see the community coming together and taking some of their time from their busy schedules to share and learn something new with others ❤️ #InfosecJupyterthon @OTR_Community Join us! 🚀 🔴Day 1 Live Stream: aka.ms/JupyterthonLiveDay1 🎤 Agenda: infosecjupyterthon.com/2024/…

Replying to @jupyterthon
@Cyb3rWard0g 🌍🔍 Breaking Down Our Attendees at #Jupyterthon by industries, experience levels, locations
Ian Hellen retweeted
❤️ See you all soon 🚀 Join us online! @OTR_Community #Infosec #Jupyterthon 📺Day 1: aka.ms/JupyterthonLiveDay1 📺Day 2: aka.ms/JupyterthonLiveDay2 👉Register: aka.ms/JupyterthonRegistrati… 🎤 Agenda: infosecjupyterthon.com/2024/…

We’re inviting members of the infosec community to join the fourth InfoSec Jupyterthon event to meet and engage with security practitioners on using Jupyter notebooks in their daily work: msft.it/6012iIxoi
Ian Hellen retweeted
🚨Mark your 🗓️ Feb 15-16! #InfosecJupyterthon Online🔴 📢 Hacking Proprietary Protocols with Pandas 🌟@aboutsecurity, VP Threat Research & Intelligence @BlackBerry 👉 Register: aka.ms/JupyterthonRegistrati…
Ian Hellen retweeted
🚨Mark your 🗓️ Feb 15-16! #InfosecJupyterthon Online🔴 📢 Threat Hunting in Three Dimensions 🌟@iknowuhack, Security Researcher @splunk #SURGe 👉 Register: aka.ms/JupyterthonRegistrati…
Ian Hellen retweeted
🚨Mark your 🗓️ Feb 15-16! #InfosecJupyterthon Online🔴 📢Graphing Ransomware & Data Leak Sites Trends with Plotly 🌟@th3_protoCOL, Threat Intelligence Analyst @Sophos 👉 Register: aka.ms/JupyterthonRegistrati…
13 Feb 2024
Pioneering work in at-scale use of notebooks in Infosec at Secureworks. Also friend of and contributor to @msticpy - don't miss this!
🚨Mark your 🗓️ Feb 15-16! #InfosecJupyterthon Online🔴 📢Keynote: Barn Raising: Building a Community Around Jupyter Notebooks for DFIR, SecOps, and Detection Engineering Teams 🌟@detectdotdev, Principal Security Researcher @Secureworks 👉 Register: aka.ms/JupyterthonRegistrati…
12 Feb 2024
Things have been a bit slow recently due to other work commitments but have a new release out today. Several things in there including some updates to Splunk, XForce and Virustotal support and fixes for users in Azure Machine Learning. github.com/microsoft/msticpy…
12 Feb 2024
New versions of MSTICPy and MSTIC Notebooklets released: github.com/microsoft/msticpy… github.com/microsoft/msticnb…
29 Jan 2024
The clock is counting to Jupyterthon 2024. Would love to have you there!
We’re inviting members of the infosec community to join the fourth InfoSec Jupyterthon event to meet and engage with security practitioners on using Jupyter notebooks in their daily work: msft.it/6012iIxoi
17 Jan 2024
And not least @Cyb3rWard0g! Time to register!
🚨 Registration is open for one of my favorite conferences of the year @jupyterthon ! ❤️ Thanks to @ianhellen, @ashwinpatil, @PeteABryan, and @fr0gger_, this event is possible once again! 📢 A true community event, by the community and for the community. Looking forward to seeing you all soon! 🔥
15 Dec 2023
#Infosec #Jupyterthon 2024 Back to welcome in the new year. We're looking for speakers, so get your thinking caps on and cool demos at the ready. 🎇 Also looking for input on the kinds of content that you'd like to see. 👷‍♀️➡️🔣 Check out @Cyb3rWard0g's announcement for links.
🚨 The #Infosec #Jupyterthon is back 📺! 🔥 🗓️February 2024! ❄️🔥Your opportunity to share your curiosity and inspire others🌎! @OTR_Community 🚀 Call for Notebooks (Dec 15th, 2023 - Jan 15th, 2024) forms.office.com/r/bKAyTRjja… 📢 Help us shape the event! forms.office.com/r/s8v9aQT5Y…
16 Nov 2023
Hmm - just noticed that @msticpy blew past quarter of a million sometime in the last couple of months! (ok, I know pandas does that in a day😁 but it's big deal for us 🏆) pepy.tech/projects/msticpy
16 Nov 2023
MSTICPy 2.9.0 on PyPI Also includes some great guidance and scripts for packaging msticpy for use in isolated environments. msticpy.readthedocs.io/en/la… (thx Chris Cianelli!)

16 Nov 2023
MSTICPY 2.9.0 released Includes new Threat Intel provider IPQualityScore and updated M365D to use MS Graph API for hunting queries. Fixes to startup, Synapse compat issues, Entities and more. See the release notes for a full rundown github.com/microsoft/msticpy…
4 Oct 2023
MSTICPy v2.8.0 released.
Stability release - with several important fixes:
- MS Sentinel failure when connecting using a connection string
- Using supported method for multi-cloud Azure endpoints
- Using msticpy in isolated environments.
15 Aug 2023
Also includes fixes and upgrades for Splunk driver, Sentinel API, logging. Get it while stocks last! 😉
15 Aug 2023
MSTICPy 2.7.0 release
- 2 new threat intel providers for CrowdSec and AbuseIPDB
- New MS Sentinel and Kusto drivers now the defaults
- Query file editor for MSTICPy template queries
- Azure auth fixes for MicrosoftSentinel
More details github.com/microsoft/msticpy…
25 Jul 2023
Long-awaited parallel (threaded) queries arrive in MSTICPy! 🏃‍♀️🏃‍♀️🏃‍♀️ Split big queries into separately executing chunks or across multiple workspaces and clusters.
25 Jul 2023
MSTICPy 2.6.0 released
- Parallel queries for multiple instances of MS Sentinel workspaces and Kusto clusters
- Parallel split queries (large time-range queries divided by smaller time periods)
- Velociraptor data provider for querying exported data sets
github.com/microsoft/msticpy…
Highlighting a few features from @MSTICPy 2.5.0 OSQuery log import 🪵import multiple OSQuery logs 🗃️individual event types available as query functions #msticpy #cybersecurity #jupyter #osquery
30 May 2023
Quite a lot in this release - whole bunch of cool stuff in the data providers world (OSQuery, new kusto/sentinel drivers, Sentinel repo query import). And we've adopted the amazing Tabulator from Holoviz Panel as our default dataviewer. Enjoy!
30 May 2023
MSTICPy 2.5.0 released
* New Sentinel and Kusto drivers with parallel queries, proxy and user-defined timeouts.
* Plugin framework for MSTICPy data/TI/context providers
* Import Sentinel hunting and detection queries
* OSQuery data provider
...
github.com/microsoft/msticpy…