redcanary - Tweet Data Analysis
Tweets Analysis - Keyword: @redcanary
Overview
- Tweets covering: 9 days
- Latest tweet was on: 2023-02-21
- Earliest tweet was on: 2023-02-11
- Total number of tweets analysed: 22
- Average age of authors' accounts: 7 years
Summarization
Huntress Labs, The DFIR Report and Red Canary are held up as a benchmark for quality content and swag. Red Canary's Surveyor tool has been used to create capabilities to automate threat hunts. Changes have been made to the main repository so others can access them. The importance of having a log management system with searchable data is discussed and Asset Inventory & Management should come first. Additionally, an Incident Response & Preparedness Guide was shared by Red Canary as well as a discussion on SOC in a Box services and SIEM deployment. Finally, it was suggested that Log Collection is important and ideas worth stealing should not be attributed.
Topic Modeling
- Quality Content from Security Providers
- Automation of Threat Hunts
- Cybersecurity Tools and Resources
- Asset Inventory and Management
- SIEM Requirements and Maturity Level
Trend Analysis
- Cybersecurity
- Threat hunting
- Log management
- SOC in a box services
- Good ideas are worth stealing
Disclaimer: The text analysis on twtdata.com, powered by OpenAI, does not represent the views of twtdata.com or its affiliates. The analysis is for informational purposes only and not an endorsement of any viewpoint.
Types of Tweets
- Number of Retweets: 6 (27% of total)
- Number of Original tweets: 2 (9% of total)
- Number of tweets that were Quotes: 0 (0% of total)
- Number of tweets that were Replies: 14 (63% of total)
- Number of tweets that contain Hashtags: 3 (13% of total)
- Number of tweets that contain Mentions: 22 (100% of total)
Devices Used to Tweet
Top 5 Devices
| Source | Count |
|---|---|
| Twitter Web App | 9 |
| Twitter for Android | 8 |
| Twitter for iPhone | 3 |
| Buffer | 1 |
| Twitter for Mac | 1 |
Top 10 Accounts by Followers
| Username | Name | Bio | Followers count |
|---|---|---|---|
| Kostastsale | Kostas | @TheDFIRReport member \| Tweeting and following mostly #ThreatIntel,#malware,#IR & #Threat_Hunting. Opinions are mine only! 🇬🇷🇨🇦 | 8,999 |
| infination | Infination Technology | #IT #Operations, #Linux, #UX. Top 10% on Linkedin.#datasecurity. #dataprivacy.#privacy #security, &&stuff #riskmanagement #compliance #purpleteam #research | 2,663 |
| hacking_future | Hacking Essentials | Only the most interesting #cybersecurity links, hand-picked for you by the most trusted & respected experts in the #hacking & #cybersecurity industry. | 1,910 |
| scriptmonkey_ | Scriptmonkey_ | Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7Scriptmonkey@infosec.exchange | 1,357 |
| _53RF | 53RF ☢️☣️ | Cyber Security Manager \| ISO 27001 Lead Auditor \| CompTIA Security Analytics Professional \| Accredited Affiliate Chartered Institute of Information Security | 963 |
| heferyzan | Ryan Tomcik | IR/TH @googlecloud @Mandiant Managed Defense \| Subject Matter Consumer of DFIR and craft beer \| Thruntito, ergo sum | 777 |
| Susannigans | Susannah Clark Matt | Writer, Editor @redcanary. | 509 |
| n8s3c | Nate | Cybersecurity Analyst. GIFs, Meme's, and general dumpsterfires. Opinions mine, not my employers, don't blame my parents, yadayada. he/him | 508 |
| smith8680 | Brenden Smith | - | 343 |
| accessvp | Access Venture Partners | We're a Colorado-based venture capital firm investing in passionate founders of early-stage tech startups. | 305 |
Top 10 Accounts by Friends
| Username | Name | Bio | Friends count |
|---|---|---|---|
| infination | Infination Technology | #IT #Operations, #Linux, #UX. Top 10% on Linkedin.#datasecurity. #dataprivacy.#privacy #security, &&stuff #riskmanagement #compliance #purpleteam #research | 3,708 |
| hacking_future | Hacking Essentials | Only the most interesting #cybersecurity links, hand-picked for you by the most trusted & respected experts in the #hacking & #cybersecurity industry. | 2,024 |
| Susannigans | Susannah Clark Matt | Writer, Editor @redcanary. | 1,907 |
| heferyzan | Ryan Tomcik | IR/TH @googlecloud @Mandiant Managed Defense \| Subject Matter Consumer of DFIR and craft beer \| Thruntito, ergo sum | 1,595 |
| scriptmonkey_ | Scriptmonkey_ | Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7Scriptmonkey@infosec.exchange | 1,333 |
| leoyw | leoyw | #Stand with UKRAINE 🇺🇦🇺🇦🇺🇦 #Cybersecurity, #infosec, #Catholic, #JesuitEducated #AMDG #defundPlanparenthood | 1,180 |
| iamSivasankark | Siva | - | 1,124 |
| ponchosansan | @ponchosansan | - | 844 |
| n8s3c | Nate | Cybersecurity Analyst. GIFs, Meme's, and general dumpsterfires. Opinions mine, not my employers, don't blame my parents, yadayada. he/him | 802 |
| Pulisettis | Sai Prashanth | SOC Engineer @ECI_1995 \| #eJPT \| #CHFI \| #CRTO | 365 |
Most Active Users
| Username | Bio | Number of tweets |
|---|---|---|
| CrimEvader | Experienced thrunter and detectioneer; amateur abbreviator. May the forensic data be with you and show you the answers. | 2 |
| simonekrausora1 | Content and opinions on this account are personal views | 2 |
| Brunomarx1985 | Purple Team / SIEM/SOC/ infosec | 1 |
| smith8680 | - | 1 |
| scriptmonkey_ | Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7Scriptmonkey@infosec.exchange | 1 |
| ponchosansan | - | 1 |
| n8s3c | Cybersecurity Analyst. GIFs, Meme's, and general dumpsterfires. Opinions mine, not my employers, don't blame my parents, yadayada. he/him | 1 |
| leoyw | #Stand with UKRAINE 🇺🇦🇺🇦🇺🇦 #Cybersecurity, #infosec, #Catholic, #JesuitEducated #AMDG #defundPlanparenthood | 1 |
| infination | #IT #Operations, #Linux, #UX. Top 10% on Linkedin.#datasecurity. #dataprivacy.#privacy #security, &&stuff #riskmanagement #compliance #purpleteam #research | 1 |
| iamSivasankark | - | 1 |
Top 10 Tweets by Retweets
| ID | Text | Retweet count |
|---|---|---|
| 1625173479661223954 | The content put out by @HuntressLabs, @TheDFIRReport, and @redcanary is my benchmark for quality. | 2 |
| 1628007127762587648 | Incident Response & Preparedness Guide https://t.co/GOJoAy4V3E #cybersecurity #mitre #CTI via @redcanary | 0 |
| 1627023814373650432 | @SquiblydooBlog @GootLoaderSites @redcanary What happened to GootloaderSites, why was the account suspended? Is there anyone else posting domains where the zip/js files are being hosted? | 0 |
| 1626324494016028672 | @redcanary @kwm Love this sheet, and it helps. Thanks for sharing. | 0 |
| 1626100945309294593 | @Kostastsale @rfranklin99 @redcanary We've tweaked it quite a bit and are working on getting changes pushed back to the main repo for others to access. We utilize an option to … | 0 |
| 1626097354679136256 | @CrimEvader @rfranklin99 @redcanary Never come across this; it seems like a cool idea and a nice tool. Although, to my understanding, this is vendor restrictive and based on definitions with … | 0 |
| 1626070869041635329 | @rfranklin99 @Kostastsale We have taken @redcanary's surveyor tool and implemented capabilities to "automate" our threat hunts by saving our hunting queries and being able to bulk run them against EDR … | 0 |
| 1625456751205138434 | @infination @redcanary thats funny because its true. *sad soc noises* | 0 |
| 1625304322098561025 | @redcanary asset inventory and management must come first. you cannot defend what you are unsure you have. | 0 |
| 1625276894655520769 | @redcanary "SOC in a box" services exist for a reason. Deploy blinkybox, point things at blinkybox, let vendor x handle the actual siem bit. | 0 |
Top 10 Tweets by Likes
| ID | Text | Like count |
|---|---|---|
| 1625173479661223954 | The content put out by @HuntressLabs, @TheDFIRReport, and @redcanary is my benchmark for quality. | 13 |
| 1624815811184726017 | It was a pleasure receiving the #swag from @redcanary #atomicredteam. https://t.co/MBMDn3muQL | 7 |
| 1626070869041635329 | @rfranklin99 @Kostastsale We have taken @redcanary's surveyor tool and implemented capabilities to "automate" our threat hunts by saving our hunting queries and being able to bulk run them against EDR … | 3 |
| 1626100945309294593 | @Kostastsale @rfranklin99 @redcanary We've tweaked it quite a bit and are working on getting changes pushed back to the main repo for others to access. We utilize an option to … | 2 |
| 1625251771231662090 | @redcanary Not exactly a SIEM, but at least some kind of log management with searchable data must be there. :) | 2 |
| 1626324494016028672 | @redcanary @kwm Love this sheet, and it helps. Thanks for sharing. | 1 |
| 1626097354679136256 | @CrimEvader @rfranklin99 @redcanary Never come across this; it seems like a cool idea and a nice tool. Although, to my understanding, this is vendor restrictive and based on definitions with … | 1 |
| 1625456751205138434 | @infination @redcanary thats funny because its true. *sad soc noises* | 1 |
| 1625304322098561025 | @redcanary asset inventory and management must come first. you cannot defend what you are unsure you have. | 1 |
| 1625260285547237378 | @redcanary Agreed if files+egrep(+bash) means the same | 1 |
Top 10 Hashtags
| Hashtag | Count |
|---|---|
| #atomicredteam | 2 |
| #cybersecurity | 1 |
| #mitre | 1 |
| #cti | 1 |
| #swag | 1 |
Top 10 Mentions
| Mention | Count |
|---|---|
| @redcanary | 22 |
| @rfranklin99 | 3 |
| @kostastsale | 2 |
| @huntresslabs | 2 |
| @thedfirreport | 2 |
| @squiblydooblog | 1 |
| @gootloadersites | 1 |
| @crowdstrike | 1 |
| @mitreattack | 1 |
| @kwm | 1 |
Emoji Analysis
Average emojis per tweet: 18
Emojis Used
| Emoji | Count | Emoji Text |
|---|---|---|
| 💡 | 1 | light_bulb |
| 🔖 | 1 | bookmark |
| 📊 | 1 | bar_chart |
| 🙂 | 1 | slightly_smiling_face |
Emoji Groups
| Emoji Group | Count |
|---|---|
| Objects | 3 |
| Smileys & Emotion | 1 |