A curated collection of interesting articles, tools, and resources I've found valuable.
Subscribe via RSSOpen-source taxonomy for classifying detection logic bugs — the errors that cause intended detections to fail. Categorizes bugs into reformatting, omitting alternatives, context manipulation, and event fragmentation. Practical checklists for proactive rule review.
A comprehensive reference of ~100 mental models organized by discipline. Particularly useful: First Principles for breaking down detection logic, Inversion for threat modeling ('what would guarantee compromise?'), and Second-Order Thinking for anticipating attacker adaptation.
Systematic approach to AI-assisted development. Emphasizes deep codebase research before coding, detailed plans with clear success criteria, and persistent knowledge in research docs. Uses parallel agents for rapid exploration.
Detection as a strategic game between attackers and defenders. Explores Nash equilibria in security (tolerating false positives, moderate attack sophistication), why defenders must avoid predictability, and the case for broad coverage over targeted detections.
4 links curated