Tweets Analysis - Keyword: @redcanary
Overview
Metric | Value |
---|---|
Total number of tweets analysed | 22 |
Earliest tweet was on | 2023-02-11 |
Latest tweet was on | 2023-02-21 |
Tweets covering | 9 days |
Average age of authors' accounts | 7 years |
Summarization
Huntress Labs, The DFIR Report and Red Canary are held up as a benchmark for quality content and swag. Red Canary's Surveyor tool has been used to create capabilities to automate threat hunts. Changes have been made to the main repository so others can access them. The importance of having a log management system with searchable data is discussed and Asset Inventory & Management should come first. Additionally, an Incident Response & Preparedness Guide was shared by Red Canary as well as a discussion on SOC in a Box services and SIEM deployment. Finally, it was suggested that Log Collection is important and ideas worth stealing should not be attributed.
Topic Modeling
- Quality Content from Security Providers
- Automation of Threat Hunts
- Cybersecurity Tools and Resources
- Asset Inventory and Management
- SIEM Requirements and Maturity Level
Emotional Analysis
The sentiment expressed in these tweets is mostly positive, with people expressing appreciation for the quality of content from @HuntressLabs, @TheDFIRReport, and @redcanary, as well as pleasure in receiving #swag from @redcanary #atomicredteam. People are also enthusiastic about the surveyor tool from @redcanary and are working with the team to improve it. There is also some humor in the tweets, with people making jokes about SOC in a box services and good ideas being worth stealing.
Trend Analysis
- Cybersecurity
- Threat hunting
- Log management
- SOC in a box services
- Good ideas are worth stealing
Types of Tweets
Type | Count | Percentage of total tweets |
---|---|---|
Retweets | 6 | 27% |
Original tweets | 2 | 9% |
Tweets that contain Mentions | 22 | 100% |
Replies | 14 | 63% |
Quotes | 0 | 0% |
Tweets that contain Hashtags | 3 | 13% |
Top 5 devices used to tweet
Source | Count |
---|---|
Twitter Web App | 9 |
Twitter for Android | 8 |
Twitter for iPhone | 3 |
Buffer | 1 |
Twitter for Mac | 1 |
Top 10 accounts with highest followers count
Username | Name | Bio | Followers count |
---|---|---|---|
Kostastsale | Kostas | @TheDFIRReport member \| Tweeting and following mostly #ThreatIntel,#malware,#IR & #Threat_Hunting. Opinions are mine only! 🇬🇷🇨🇦 | 8,999 |
infination | Infination Technology | #IT #Operations, #Linux, #UX. Top 10% on Linkedin.#datasecurity. #dataprivacy.#privacy #security, &&stuff #riskmanagement #compliance #purpleteam #research | 2,663 |
hacking_future | Hacking Essentials | Only the most interesting #cybersecurity links, hand-picked for you by the most trusted & respected experts in the #hacking & #cybersecurity industry. | 1,910 |
scriptmonkey_ | Scriptmonkey_ | Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7Scriptmonkey@infosec.exchange | 1,357 |
_53RF | 53RF ☢️☣️ | Cyber Security Manager \| ISO 27001 Lead Auditor \| CompTIA Security Analytics Professional \| Accredited Affiliate Chartered Institute of Information Security | 963 |
heferyzan | Ryan Tomcik | IR/TH @googlecloud @Mandiant Managed Defense \| Subject Matter Consumer of DFIR and craft beer \| Thruntito, ergo sum | 777 |
Susannigans | Susannah Clark Matt | Writer, Editor @redcanary. | 509 |
n8s3c | Nate | Cybersecurity Analyst. GIFs, Meme's, and general dumpsterfires. Opinions mine, not my employers, don't blame my parents, yadayada. he/him | 508 |
smith8680 | Brenden Smith | - | 343 |
accessvp | Access Venture Partners | We're a Colorado-based venture capital firm investing in passionate founders of early-stage tech startups. | 305 |
Top 10 accounts with highest friends count
Username | Name | Bio | Friends count |
---|---|---|---|
infination | Infination Technology | #IT #Operations, #Linux, #UX. Top 10% on Linkedin.#datasecurity. #dataprivacy.#privacy #security, &&stuff #riskmanagement #compliance #purpleteam #research | 3,708 |
hacking_future | Hacking Essentials | Only the most interesting #cybersecurity links, hand-picked for you by the most trusted & respected experts in the #hacking & #cybersecurity industry. | 2,024 |
Susannigans | Susannah Clark Matt | Writer, Editor @redcanary. | 1,907 |
heferyzan | Ryan Tomcik | IR/TH @googlecloud @Mandiant Managed Defense \| Subject Matter Consumer of DFIR and craft beer \| Thruntito, ergo sum | 1,595 |
scriptmonkey_ | Scriptmonkey_ | Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7Scriptmonkey@infosec.exchange | 1,333 |
leoyw | leoyw | #Stand with UKRAINE 🇺🇦🇺🇦🇺🇦 #Cybersecurity, #infosec, #Catholic, #JesuitEducated #AMDG #defundPlanparenthood | 1,180 |
iamSivasankark | Siva | - | 1,124 |
ponchosansan | @ponchosansan | - | 844 |
n8s3c | Nate | Cybersecurity Analyst. GIFs, Meme's, and general dumpsterfires. Opinions mine, not my employers, don't blame my parents, yadayada. he/him | 802 |
Pulisettis | Sai Prashanth | SOC Engineer @ECI_1995 \| #eJPT \| #CHFI \| #CRTO | 365 |
Most active users
Username | Bio | Number of tweets |
---|---|---|
CrimEvader | Experienced thrunter and detectioneer; amateur abbreviator. May the forensic data be with you and show you the answers. | 2 |
simonekrausora1 | Content and opinions on this account are personal views | 2 |
Brunomarx1985 | Purple Team / SIEM/SOC/ infosec | 1 |
smith8680 | - | 1 |
scriptmonkey_ | Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7Scriptmonkey@infosec.exchange | 1 |
ponchosansan | - | 1 |
n8s3c | Cybersecurity Analyst. GIFs, Meme's, and general dumpsterfires. Opinions mine, not my employers, don't blame my parents, yadayada. he/him | 1 |
leoyw | #Stand with UKRAINE 🇺🇦🇺🇦🇺🇦 #Cybersecurity, #infosec, #Catholic, #JesuitEducated #AMDG #defundPlanparenthood | 1 |
infination | #IT #Operations, #Linux, #UX. Top 10% on Linkedin.#datasecurity. #dataprivacy.#privacy #security, &&stuff #riskmanagement #compliance #purpleteam #research | 1 |
iamSivasankark | - | 1 |
Top 10 tweets with highest Retweet count
ID | Text | Retweet count |
---|---|---|
1625173479661223954 | The content put out by @HuntressLabs, @TheDFIRReport, and @redcanary is my benchmark for quality. | 2 |
1628007127762587648 | Incident Response & Preparedness Guide https://t.co/GOJoAy4V3E #cybersecurity #mitre #CTI via @redcanary | 0 |
1627023814373650432 | @SquiblydooBlog @GootLoaderSites @redcanary What happened to GootloaderSites, why was the account suspended? Is there anyone else posting domains where the zip/js files are being hosted? | 0 |
1626324494016028672 | @redcanary @kwm Love this sheet, and it helps. Thanks for sharing. | 0 |
1626100945309294593 | @Kostastsale @rfranklin99 @redcanary We've tweaked it quite a bit and are working on getting changes pushed back to the main repo for others to access. We utilize an option to specify multiple full queries in definition files instead of just a process name for example. | 0 |
1626097354679136256 | @CrimEvader @rfranklin99 @redcanary Never come across this; it seems like a cool idea and a nice tool. Although, to my understanding, this is vendor restrictive and based on definitions with known and expected variables. It should defo help, but "automated hunts" is not the terminology I'd use to describe it | 0 |
1626070869041635329 | @rfranklin99 @Kostastsale We have taken @redcanary's surveyor tool and implemented capabilities to "automate" our threat hunts by saving our hunting queries and being able to bulk run them against EDR sources. I am working with their team to improve this tool. https://t.co/16Ex1Rv9Dh | 0 |
1625456751205138434 | @infination @redcanary thats funny because its true. *sad soc noises* | 0 |
1625304322098561025 | @redcanary asset inventory and management must come first. you cannot defend what you are unsure you have. | 0 |
1625276894655520769 | @redcanary "SOC in a box" services exist for a reason. Deploy blinkybox, point things at blinkybox, let vendor x handle the actual siem bit. | 0 |
Top 10 tweets with highest Like count
ID | Text | Like count |
---|---|---|
1625173479661223954 | The content put out by @HuntressLabs, @TheDFIRReport, and @redcanary is my benchmark for quality. | 13 |
1624815811184726017 | It was a pleasure receiving the #swag from @redcanary #atomicredteam. https://t.co/MBMDn3muQL | 7 |
1626070869041635329 | @rfranklin99 @Kostastsale We have taken @redcanary's surveyor tool and implemented capabilities to "automate" our threat hunts by saving our hunting queries and being able to bulk run them against EDR sources. I am working with their team to improve this tool. https://t.co/16Ex1Rv9Dh | 3 |
1626100945309294593 | @Kostastsale @rfranklin99 @redcanary We've tweaked it quite a bit and are working on getting changes pushed back to the main repo for others to access. We utilize an option to specify multiple full queries in definition files instead of just a process name for example. | 2 |
1625251771231662090 | @redcanary Not exactly a SIEM, but at least some kind of log management with searchable data must be there. :) | 2 |
1626324494016028672 | @redcanary @kwm Love this sheet, and it helps. Thanks for sharing. | 1 |
1626097354679136256 | @CrimEvader @rfranklin99 @redcanary Never come across this; it seems like a cool idea and a nice tool. Although, to my understanding, this is vendor restrictive and based on definitions with known and expected variables. It should defo help, but "automated hunts" is not the terminology I'd use to describe it | 1 |
1625456751205138434 | @infination @redcanary thats funny because its true. *sad soc noises* | 1 |
1625304322098561025 | @redcanary asset inventory and management must come first. you cannot defend what you are unsure you have. | 1 |
1625260285547237378 | @redcanary Agreed if files+egrep(+bash) means the same | 1 |
Top 10 Hashtags used
Hashtag | Count |
---|---|
#atomicredteam | 2 |
#cybersecurity | 1 |
#mitre | 1 |
#cti | 1 |
#swag | 1 |
Top 10 mentions
Mention | Count |
---|---|
@redcanary | 22 |
@rfranklin99 | 3 |
@kostastsale | 2 |
@huntresslabs | 2 |
@thedfirreport | 2 |
@squiblydooblog | 1 |
@gootloadersites | 1 |
@crowdstrike | 1 |
@mitreattack | 1 |
@kwm | 1 |
Emojis
Average number of emojis used per tweet
18
Emojis used in tweets
Emoji | Count | Emoji Text |
---|---|---|
💡 | 1 | light_bulb |
🔖 | 1 | bookmark |
📊 | 1 | bar_chart |
🙂 | 1 | slightly_smiling_face |
Emojis groups
Emoji Group | Count |
---|---|
Objects | 3 |
Smileys & Emotion | 1 |