The sold-out #BSidesAmsterdam event, where 200+ information security enthusiasts joined, was a great day full of inspiring talks. It brought brilliant minds together and created an atmosphere where new ideas could flow and people went home inspired. See you next year!

Microsoft recently published a new feature for Defender for Endpoint (#MDE) called Custom Collection. @olafhartong.nl explains what Custom Collection is and how it work in his blog: falconforce.nl/microsoft-de...

The Oesterreichische Nationalbank hosted this year’s TIBER-EU Provider Conference called T-REX (TIBER/TLPT Resilience Exchange). It was nice to see so many familiar faces at the TIBER-EU event in Vienna. #redteaming #TLPT #TIBER #TIBEREU

We believe that community-driven events where people share knowledge about information security are crucial. If we can combine that with an intimate atmosphere, we have a winner! That’s why we have decided to sponsor BSides Amsterdam. www.bsidesams.org

@olafhartong.nl presented his research at #KustoCon on using #Kusto and Kusto Graph for something magical. Olaf investigated if it was possible to do the same thing as #BloodHound, but then only using Kusto Graph. He showcased the need for attack path management. Slides: github.com/olafhartong/...

💡FalconForce has invested its offensive security knowledge and applied R&D into creating high-fidelity detection content; to detect threats that are in the blind spots of many organizations. 👉 Try it for yourself on GitHub: github.com/FalconForceT... #SOC #kusto #detectionengineering #falconfriday

#SOCs around the world are responsible for keeping the organizations resilient against cyber attacks. Our solution "Sentry Detect" is an ideal companion for all SOCs using Microsoft Security products. You can learn more about it: falconforce.nl/webinar-sent...

Last Friday, at BruCON 0X11, @olafhartong.nl showcased his research on how defensive tooling (#EDR) can provide attackers with opportunities for deception and disruption. Trusting your tooling blindly can be a mistake. You need to make sure you can rely on your security data.

After our “AWS enumeration for purple teams” workshop at OrangeCon, we take a next step. In our #FalconFriday blog (falconforce.nl/falconfriday...) Nikolas explains how to catch threat actors that are harvesting information about your AWS policies.

BruCON 0X11 is just a few days away. @olafhartong.nl will present his talk “# I’m in your logs now, deceiving your analysts and blinding your EDR” on Friday Sept 26. Olaf will show how defensive tooling (EDRs) can provide attackers with opportunities for deception and disruption.

We had a fantastic time at @orangecon.nl 🎉 It’s always inspiring to see so many security professionals come together to share their knowledge and passion for advancing the industry. That’s exactly why we’re proud to sponsor this event.

Slides from @olafhartong.nl's talk at #bhusa (I’m in your logs now, deceiving your analysts and blinding your EDR) are available now: i.blackhat.com/BH-USA-25/Pr...

A big thank you to all participants who joined our 4-day Advanced Detection Engineering in the Enterprise training at BlackHat. It has been a pleasure to have such an engaging group of professionals. We also had a great time in Las Vegas at the #bhusa and #DEFCON conferences. Until next time!

Get your ticket before the next price bump.

In our latest webinar we proudly presented Sentry Respond - FalconForce’s cloud native automation platform for high maturity SOCs - to the world! You can watch the webinar recording and download the slides from our website: falconforce.nl/webinar-sent... Contact us if you want to learn more!

August is almost around the corner and many people have already signed up. We are excited to see everyone in Las Vegas! No ticket yet? Get it now (next price bump is at 18 July): www.blackhat.com/us-25/traini...

Want to learn about how we make your #SOC more effective and enable analysts to make informed decisions faster? Join our webinar on 1 July 2025 16:00h CEST. Register today: events.teams.microsoft.com/event/0447b5...

August is almost around the corner and many people have already signed up. We are excited to see everyone in Las Vegas! No ticket yet? Get it now (next price bump is at 18 July): www.blackhat.com/us-25/traini...

On 1 July 2025 16:00h CEST, we will host our next webinar. It will be all about how we make a #SOC more effective and help analysts with the decision-making process. You can register today: events.teams.microsoft.com/event/0447b5...

It's has been 5 years already! Together with 15 Falcons, we celebrated the 5-year anniversary of FalconForce in style. We teamed up in Greece and went on an amazing trip to sunny Santorini. A trip to remember 🇬🇷 ☀️ 🦅

On 1 July 2025 16:00h CEST, we will host our next webinar. It will be all about how we make a #SOC more effective and help analysts with the decision-making process. You can register today: events.teams.microsoft.com/event/0447b5...

One of the least discussed topics in detection engineering is maintenance. But why is no one talking about this? In this first blog we explore its relevance to #detectionengineering and the paradox that keeps us awake at night. Enjoy! falconforce.nl/why-is-no-on...

Upcoming new FalconForce Sentry Respond webinar! Register now: events.teams.microsoft.com/event/0447b5... Join us on Tuesday 1 July 2025, 16:00h CEST, to get actionable insights on on how we support #SOCs enhancing their efficiency. Facilitated by FalconForce specialists @olafhartong.nl and Henri.

We are proud to introduce #dAWShund to the world: a framework for putting a leash on naughty AWS permissions. dAWShund helps blue and red teams find resources in #AWS, evaluate their access levels and visualize the relationships between them. falconforce.nl/dawshund-fra... #blueteaming #redteaming

We are hiring offensive specialists! We are looking for experienced professionals who deliver high-quality offensive security services to help our client's defensive teams become more resilient. Sounds like you? falconforce.nl/falconforce-... #hiring #offensivesecurity #purpleteam #redteam

Upcoming new FalconForce Sentry Respond webinar! Register now: events.teams.microsoft.com/event/0447b5... Join us on Tuesday 1 July 2025, 16:00h CEST, to get actionable insights on on how we support #SOCs enhancing their efficiency. Facilitated by FalconForce specialists @olafhartong.nl and Henri.

FalconForce’s @olafhartong.nl and James joined #Insomnihack and facilitated a 3-day workshop version of our Advanced Detection Engineering in the Enterprise training. Many thanks to all the participants for their efforts, questions and input! We hope you enjoyed it as much as we did.

For the fourth consecutive year, we will be back in Las Vegas to facilitate our Advanced Detection Engineering in the Enterprise training! Get your ticket before May 25. More information and registration: www.blackhat.com/us-25/traini... #detectionengineering #training

We’re off to a great start in 2025! It is a special year for us, since we are celebrating our 5th anniversary. To celebrate this we made ourselves an AI-generated birthday cake that we would like to share with you. #happybirthday @falconforce.nl 🎉

We held our first webinar and had a great time presenting our insights in delivering and maintaining high-fidelity bespoke detection content! Did you miss it? Or forgot to make a note? We got you covered with the recording and a PDF with the slides: falconforce.nl/webinar-sent...

n our latest blog, we follow Arnau (www.linkedin.com/in/arnauorte...) on his journey to leverage #WinRM plugins for lateral movement. A deep rabbit hole that ultimately led to a custom plugin, #BOF and a solid detection in our #FalconFriday repository 🦅 falconforce.nl/exploring-wi...

Come join us at #YellowHat in Amsterdam or via the global livestream, March 6. The conference is dedicated exclusively to @microsoft.com security technology. Tickets and registration: yellowhat.live

Have a great start of this new year! Join our webinar with Olaf and Henri who will go in depth on how FalconForce continuously delivers high-quality detection content for #SOC teams around the world. Register now: events.teams.microsoft.com/event/700051...

No sleep for us! We will facilitate a 3-day workshop version of our Advanced Detection Engineering in the Enterprise training at #insomnihack in Switzerland. Registration is open! Information and registration: insomnihack.ch/workshops/ad... #detectionengineering #training #purpleteam

Upcoming FalconForce Sentry Detect webinar! Register now: events.teams.microsoft.com/event/700051... Join us on Wed 22 January 2025, 16:00h CET, to get actionable insights on how we deliver and maintain high-fidelity bespoke detection content. Facilitated by @olafhartong.nl and Henri (x.com/0xffhh).

Join @olafhartong.nl in his journey down the rabbit hole in search of new detection opportunities in the #Zeek telemetry embedded in Microsoft's EDR #MDE! Detection engineering is sometimes hard … 😎 falconforce.nl/detection-en... #detectionengineering #kql #blueteam

We are happy to announce our collaboration with Division5 in hosting our Advanced Detection Engineering in the Enterprise training in Brisbane, Australia in Feb 2025. Learn more from @olafhartong.nl on detection engineering. Register via: division5.io/ADEitE2025.h...

Scrum teams assemble! Many companies have incorporated an agile #SDLC into their operations. With using DevOps also come new risks. In this new series of blogs, we have a look into #Azure #DevOps #security from an attacker’s and defender’s perspective. falconforce.nl/azure-devoop...