the dogesec blog
Much post. So knowledge. Many intel. Very subscribe. Wow.
-
Graphing the Ransomware Payment Ecosystem using STIX Objects
case-study July 14, 2025
I recently conducted a project to identify the most prolific ransomware based on the ransom payments being made. Let me walk you through how I did it. -
Turn any Blog Post into Structured Threat Intelligence
tutorial June 16, 2025
Obstracts is the blog feed reader used by the worlds most targetted cyber-security teams. Let me show you why. -
Full Text, Full Archive RSS Feeds for any Blog
product-update May 12, 2025
RSS and ATOM feeds are problematic (for our use-cases) for two reasons; 1) lack of history, 2) contain limited post content. We built some open-source software to fix that. -
Using Attack Flow to Model the Procedure Layer Missing in ATT&CK
research April 28, 2025
Tactics and techniques are not enough on their own. Learn why procedures are the missing operational layer in ATT&CK, and how to model procedure-level attack paths in STIX with Attack Flow. -
Using Sigma Rules in Attack Flows for Detection Coverage and SOC Triage
research April 14, 2025
This post shows a simple way to link Sigma detections to Attack Flow steps so analysts can see what fired, where they are in an attack path, and what coverage is missing. -
Beyond the ATT&CK Matrix: How to Build Dynamic Attack Flows with STIX
tutorial March 17, 2025
MITRE ATT&CK techniques are useful, but they don’t capture the sequence of an attack. Enter Attack Flows. -
An Introduction pySigma: Converting Sigma Rules to Work with Your SIEM
tutorial February 10, 2025
Learn how to seamlessly convert Sigma Rules into queries for your SIEM. Follow along with real examples. -
Writing Advanced Sigma Detection Rules: Using Correlation Rules
tutorial January 13, 2025
Correlation Rules allow you to detect threats by linking multiple events together based on a meaningful relationship. -
Writing Effective Sigma Detection Rules: A Guide for Novice Detection Engineers
tutorial December 16, 2024
Sigma Rules are becoming more widely adopted as the standard detection language. Learning how to write them is not difficult. Let me show you. -
Bad Software Keeps Cyber Security Companies in Business
opinion November 18, 2024
Despite countless frameworks, best practices, blog posts... so many developers still hardcode credentials into their code.