AlphaSOC @alphasoc
Our technology reveals unknown threats hidden within your cloud, application, network, and endpoint logs. alphasoc.com | San Francisco, CA | Joined January 2017
Tweets 1K | Followers 2K | Following 1K | Likes 19
Got CrowdStrike Falcon? Process your raw FDR telemetry with AlphaSOC to deploy your own custom Sigma rules and supercharge your threat hunting. Read more here >> alphasoc.com/crowdstrike
Our engine highlights threats across GitHub and the other applications that your business relies on (e.g., 1Password, Jira, Okta, and Slack). AlphaSOC is free to evaluate for 30 days without restriction or obligation. Learn more here >> alphasoc.com
Download the AlphaSOC MITRE ATT&CK Navigator layer and explore the tactics and techniques covered by our in-built managed detections. Read more here >> docs.alphasoc.com/detections_and…
Interested to know what we've been working on lately? Check out our Changelog that describes the new product features and improvements >> alphasoc.com/changelog/
Microsoft reports a cryptojacking campaign abusing poisoned search results, ScreenConnect, and .NET utilities to deploy GPU miners. AlphaSOC flags these cryptomining and C2 patterns to protect customers. Read more here >> microsoft.com/en-us/security…
We process network telemetry to cover 70+ out-of-the-box detection use cases and highlight patterns including spear phishing, impersonation attacks, anonymizing circuit traffic (e.g. Tor and I2P) and cryptomining pool participation. Read more >> docs.alphasoc.com/detections_and…
We track the most dangerous effective top-level domains (eTLDs) online by processing the indicators within our platform each month. Our feed is updated daily, and you can use it to instantly block traffic to statistically bad domains >> feeds.alphasoc.net/bad-etlds.txt
Our open source Network Flight Simulator (flightsim) utility can synthesize many malicious traffic patterns, including DGA, DNS tunneling, ICMP tunneling, and SSH exfiltration. Read more >> github.com/alphasoc/fligh…
Sending audit logs and telemetry to Cribl Stream? You can process those raw events using AlphaSOC via our native integration for Cribl and forward the findings in OCSF format on to your SIEM or Data Lake to reduce your costs. Read more here >> alphasoc.com/cribl
Unit 42 reports TamperedChef clusters delivering malware through trojanized software installers used to compromise victims. AlphaSOC flags these malware and C2 patterns to protect customers. Read more here >> unit42.paloaltonetworks.com/tracking-tampe…
Using Sigma rules for detection and hunting? Process your EDR telemetry (e.g., Defender for Endpoint, CrowdStrike Falcon, and SentinelOne) with AlphaSOC and deploy both community and custom Sigma detections outside of your SIEM. Read more here >> docs.alphasoc.com/detections_and…
Want to flag anomalies within your AWS environment and overlay them with MITRE ATT&CK? We have extended our analytics engine to process CloudTrail logs and highlight 400+ threats. Here's a full list of detection use cases >> docs.alphasoc.com/detections_and…
Need unparalleled visibility into your Azure environment and cloud workloads? AlphaSOC highlights privilege escalation, compromised workloads, hacked accounts, and data exfiltration. Evaluate our analytics engine for free >> alphasoc.com/azure
Our Analytics Engine supports detections across endpoints, cloud workloads, and SaaS applications! Process your CrowdStrike FDR telemetry and logs from AWS, GitHub, Slack, Okta, and other platforms to hunt threats. Dig into the docs here >> docs.alphasoc.com
The DFIR Report details EtherRAT and TukTuk C2 activity ending in Gentleman ransomware deployment across compromised systems. AlphaSOC flags these ransomware and C2 patterns to protect customers. Read more here >> thedfirreport.com/2026/05/11/fla…
Want to measure the efficacy of your threat detection stack with regard to cryptomining traffic? Use flightsim to generate Stratum traffic to known mining pool services online >> github.com/alphasoc/fligh…
Got Splunk? Our latest release adds MITRE ATT&CK mapping and enables teams to identify both known and unknown emerging threats. Use Network Behavior Analytics for Splunk to instantly process your network telemetry and solve 70+ detection use cases >> splunkbase.splunk.com/app/4052
Third-party VPNs are increasingly used by threat actors to exfiltrate data and evade controls. AlphaSOC provides defenders with visibility into these encrypted sessions, as shown >>
Lookalike domains (aka homoglyphs) are commonly used by threat actors in spearphishing campaigns. AlphaSOC flags these patterns in real-time to alert security teams and protect customers.
Cisco Talos reports UAT-8302 delivering malware through phishing campaigns targeting government and enterprise organizations. AlphaSOC flags these malware and C2 patterns to protect customers. Read more here >> blog.talosintelligence.com/uat-8302/
Michael Koczwara @MichalKoczwara
25K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
James @James_inthe_box
22K Followers 466 Following
Nasreddine Benchercha... @nas_bench
12K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Eric Capuano - Bsky: ... @eric_capuano
11K Followers 3K Following Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ⬡ ❤ @shortxstack
J⩜⃝mie Williams @jamieantisocial
12K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷, ✌️🇺🇸➡️🇫🇷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
The Haag™ @M_haggis
10K Followers 2K Following Threat Researcher | Co-Host of Atomics on a Friday | LOLDrivers & Atomic Red Team Maintainer | I'm Everywhere and Nowhere - BSG.
cl4ire17 @CL0WN_PR1NC3
89 Followers 2K Following i need a boyfriend so i have someone to text my random thoughts to
isenhu @isenhu
33 Followers 3K Following
R @R0936210742094
0 Followers 1 Following
bax @baxdotdev
136 Followers 542 Following
Tejas Selar @TejasSelar
1 Followers 47 Following
CaV @cybercharlesav
24 Followers 2K Following
TheKiller @ChandMrsarthak1
83 Followers 658 Following
iamroot @deepug122
27 Followers 583 Following
Yashraj Solanki @RustyNoob619
1K Followers 358 Following Threat Intel @bridewellsec (All tweets are my views) Build | Track | YARA #100DaysofYARA 2026
Łukasz @lukiro100
1 Followers 11 Following
SASHA @sashzcs
1K Followers 438 Following @ChungusFNF ex- @NASA,@DoorDash, @Meta, @Yandex, @MIPT, School of Data Analysis, @Tesla, @NVIDIA, @Google, @Apple, @Microsoft, @Amazon, @OpenAI, @Uber, @Stripe
FirstToKnow @know_first
0 Followers 2K Following
UHVwbw== @VwbwUh
3 Followers 150 Following
Threatactix Research @ThreatactixLab
6 Followers 26 Following AI-enhanced threat intelligence. Delivering safe, actionable insights, malware trends, and cyber threat feeds. #ThreatIntel #CyberSec #BlueTeam
UHVwbw== @UhVwbw
0 Followers 43 Following
elias @ilias6581
0 Followers 193 Following
Future Purpose @FuturePurpose_
40 Followers 409 Following Take our B Corp Readiness Assessment: Unlocking B Corp potential through evaluation, sector analysis, and actionable resources. [email protected]
gaoxyz @gaoxyz
22 Followers 461 Following
Linksy @Ajlinks
31 Followers 1K Following
левиафан🔻 @derni99a
11 Followers 256 Following
مُعاذ القري... @Muath_1411_
80 Followers 2K Following اللهم علمنا ما ينفعنا، وانفعنا بما علمتنا وزدنا علماً
Farhan Tariq @qiratnahraf
13 Followers 382 Following
平 aRT 🤖ॐ @k1llclu7ch
116 Followers 3K Following 🌐Aequᾶm memeηto rebus in arduis servare mentem Tech Developer | cyber geek guy | systems €n6!n33Я #developer
kaundinya @kaundiny219160
0 Followers 189 Following
Elastic Security Labs @elasticseclabs
5K Followers 729 Following Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Bren @BSchei01001100
2 Followers 434 Following
Michael @michaelwong123
17K Followers 8K Following Partner&CBO @TokenPocket_TP @KeyPalWallet @TransitFinance TokenPocket is the world's largest decentralized #StablecoinWallet https://t.co/TAIzGf0DlC
TinaCopperfield @4Q1mNKl408b094
9 Followers 339 Following
Nooti @Nooti452
26 Followers 967 Following
Estelle @LenoraL42076
219 Followers 7K Following
Norbert @NB1r0
47 Followers 3K Following
StopForumSpam @StopForumSpam
1K Followers 1K Following Helping 300,000 forum, blog & site administrators keep the spam away, for free. Nothing beats free!
Florian Roth ⚡️ @cyb3rops
220K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Stephan Berger @malmoeb
29K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Will @BushidoToken
38K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Blue Team News @blueteamsec1
56K Followers 9K Following The cybersecurity home for the latest #BlueTeam, #DFIR, and #ThreatHunting news and tools.
Paul Melson @pmelson
14K Followers 1K Following Author/Operator of @ScumBots. Blue Team by day, Blue Team by night. Opinions, typos, and bad grammar do not represent my employer. He/Him
Joe Roosen @JRoosen
9K Followers 2K Following SpyCloud - Director of Security Research, Cryptolaemus, Emotet(Ivan)/QBot(Boris) Destroyer, gold prospector & former sysadmin. retweet != endorsement.
Matthew @embee_research
14K Followers 2K Following Security Researcher, Creating and Sharing Educational Content.
Olaf Hartong @olafhartong
17K Followers 979 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Virus Bulletin @virusbtn
61K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
Germán Fernández @1ZRR4H
38K Followers 464 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher at https://t.co/rDrSxZStZD | @CuratedIntel Member | 🥷🧠🇨🇱
Kimberly @StopMalvertisin
17K Followers 630 Following Security Researcher | Cyber Threat / Malware Analyst | Ex Sr. Threat Analyst @ Proofpoint | Founder of Stop Malvertising
Luke Acha @luke92881
486 Followers 348 Following Incident Response and Malware Detection enthusiast.
Moonlock Lab @moonlock_lab
2K Followers 78 Following Malware research lab @moonlock_com Assembled by @macpaw to detect and study cybersecurity threats.
Fox_threatintel @banthisguy9349
16K Followers 288 Following Just a person who is against cyber crime and dictators like Putin
Andrew Pease @andythevariable
1K Followers 287 Following Elastic Security Labs Technical Lead. Lawful Neutral. Threat Hunting with the Elastic Stack author. Retired CW4.
DefSecSentinel @DefSecSentinel
2K Followers 1K Following 179CPT Cyber Operations Technician 170A @MOARNG
John @Big_Bad_W0lf_
2K Followers 679 Following Bad guys and Breaches with #AdvancedPractices 🦅 @Mandiant / @Google | tweets are my own
Justin Ibarra @br0k3ns0und
2K Followers 972 Following detection engineering | security research | agent shepherding | meta-engineering | @sentinelone, former @elastic/@elasticseclabs @endgameinc etc.
OrdinalExport @OrdinalExport
12K Followers 602 Following
Antonio Sanz @antoniosanzalc
10K Followers 121 Following Fighting evil 24x7. Incident Response & Digital Forensic guy, infosec maniac... and a fine cook! #DFIR - [email protected] / @antoniosanzalc.bsky
Chris Beckett @cbecks_2
813 Followers 2K Following Infosec and the Green Bay Packers. Interested in all things DFIR, Detection Engineering, Purple, and CTI. Opinions are mine, certainly not those of my employer.
Ron Hamann @Airforceteacher
689 Followers 311 Following SANS Instructor. Former Air Force cyber operations officer. #17DA. Semi-diligent swing dancer. Cyber-security addict. Audio enthusiast.
Eric Foster @performify
2K Followers 2K Following CEO @TENEXai - The AI SOC Company. The only AI-native MDR led by operators w/ founding engineers from hyperscalers + AI labs. Named #1 fastest-growing cyber co.
𝓙𝓪𝓬𝓴2 @2RunJack2
1K Followers 3K Following #ThreatIntel Researcher @S2W_Official @TALON_INTEL Main Author of Threat Intel Report 'Campaign DOKKAEBI : Documents of Korean and Evil Binary' / Formerly FSI
Perception Point Atta... @AttackTrends
852 Followers 19 Following All the attacks that we see, so you don't have to. @PerceptionPo1nt
Andrew @4ndr3w6S
3K Followers 3K Following Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!
Félix Aimé @felixaime
6K Followers 2K Following Threat Intel. stakhanovite ⛏️ and proud dad. Former @Kaspersky & @CERT_FR. Principal CTI researcher at @sekoia_io, focused on state-sponsored / hybrid stuff.
Who said what? @g0njxa
6K Followers 99 Following ChatGPT says I'm a cyber researcher :) | donate 💸 to g0njxa.eth 💖 | Bad student, enthusiast, defo not an expert DMs are open, feel free to reach! 😼☂️🟣
Darren LaCasse @stiltznet
449 Followers 557 Following Threat Detection, Intelligence, and Incident Response @elastic At the intersection of logs and security (and now AI!)
crep1x @crep1x
3K Followers 316 Following Lead cybercrime analyst, tracking adversaries activities & infrastructure, at @sekoia_io
Joshua Penny @josh_penny
2K Followers 910 Following Senior Threat Intelligence Analyst @Bridewellsec
Chris Duggan @TLP_R3D
7K Followers 3K Following Full-Time Explorer | MDS Legendary Finisher | Ultra Endurance | From Cyber Intel to the Desert | Author- The Intent Model
Kayne 'no longer here... @kaynemcgladrey
21K Followers 553 Following I'm no longer active on Twitter and won't see mentions or messages.
Racco42 @Racco42
5K Followers 445 Following Corporate #infosec guy. Beginner malware analyst. Samples hoarder.
The Brofessor @Glacius_
3K Followers 337 Following Threat Hunting Lead at @Stoik | ex @teamcymru_S2 @McAfee ATR
Michael Hill @MjHillEditor
3K Followers 4K Following Editor and journalist. Editor of PEX Network, Cyber Security Hub. Former UK Editor of CSO Online. Former Editor of Infosecurity Magazine.
Cyborg Security, Now ... @CyborgSecInc
755 Followers 95 Following Cyborg Security is now a part of Intel 471! Learn more at https://t.co/UkxOtEWTdO
Sekoia.io @sekoia_io
4K Followers 146 Following A #SOCplatform boosted by #AI and #threatintelligence, combining #SIEM, #SOAR, #Automation in a single solution. Used by End-users, MSSP and APIs
RedDrip Team @RedDrip7
17K Followers 29 Following Technical Twitter of QiAnXin Technology, leading Chinese security vendor. It is operated by RedDrip Team which focuses on malware, APT and threat intelligence.
Steve Ragan ⚠️ @SteveD3
15K Followers 3K Following Father. Grandpa. Geek. Hacker. Former journalist. Security researcher. CMO @BSidesLV. Member: @CuratedIntel | BOD @CircleCityCon (RIP). | Tweets are my own.
Raj Samani @Raj_Samani
14K Followers 598 Following Chief Scientist @Rapid7 | @cloudsa | Co-author of @CyberGridBook & CSA Guide to Cloud | Advisor @EC3Europol https://t.co/YpisLrWlVR
The Zeek Network Secu... @Zeekurity
14K Followers 19 Following Zeek is an open-source network security monitor. Retweets are not endorsements. https://t.co/gJjutmzsi8. Also: https://t.co/T5ptypZeDp
Corelight @corelight_inc
4K Followers 608 Following Corelight transforms network data into definitive evidence, powering AI-driven detection and expert-authored workflows, and enabling the AI SOC ecosystem.
Marco Lancini @lancinimarco
7K Followers 382 Following 💼 Director of Security 📬 @CloudSecList 📚 https://t.co/TrQKzxfnYg 💬 I write about security strategy, technical leadership, and cloud security.
Max Rogers @MaxRogers5
3K Followers 1K Following Sr. Director of SOC at Huntress. Ex-Mandiant/FireEye. Bringing security to the Fortune 5,000,000.
dnstwist @dnstwist
265 Followers 1 Following Domain name permutation engine and #phishing scanner. Ping @elceef in case of any questions/requests.
Rain3r 😎😎😎... @Rainer_Sokolov
331 Followers 3K Following CloudSec | Pentester | Hacker | DevSecOps | Exploit Dev | SE/OSINT | Bug Bounty Hunter | #ciberseguridad #infosec #TryHarder #hacking #redteam | Grauer Hut
Keith Wright @theparanoidnerd
212 Followers 403 Following Infosec advocate. Maker/Hacker part time. Husband/Father full time. Doing security things at @Elastic