
Andrea Fortuna


Website title: Andrea Fortuna | Cybersecurity expert, software developer, experienced digital forensic analyst, musician

Message frequency:  0.58 / day

Message History

Nobody ships application code directly to production by typing it into the server. The idea is absurd. Yet the equivalent happens every day in detection engineering: an analyst opens the SIEM console, edits a rule, saves it, and the change is live. No diff, no review, no test, no rollback path. The rule is now in production and nobody has a record of what it looked like befor...



The iOS 15 release notes were long. Most analysts skimmed them. Buried in the list, between Focus mode and SharePlay, was a short paragraph about something called iCloud Private Relay. No CVE number, no exploit. Just a quiet architectural change that, in practice, punches a significant hole in the kind of passive network monitoring that security teams have re...



At some point, most security teams will have a rule that fires 4,000 times in a single night. Nobody knows when it was changed, who changed it, or what it was supposed to catch in the first place. The post-mortem reveals that someone edited it directly in the SIEM console six weeks earlier, with no documentation, no peer review, and no way to roll back. This is the default st...


The FACT Attribution Framework provides a legally grounded, four-stage methodology to bridge technical digital evidence and human attribution in DFIR investigations.


Most forensic artifacts tell you what happened. Disk logs record a file deletion. Network captures record a connection. The System.db confirms an app ran. What they almost never tell you is why the user did what they did, or more precisely, that what happened was deliberate rather than accidental. The gap between “this file was deleted” and “the user selected Compres...

