Jorrit Folmer shares his stories on security monitoring and cyber risk.

Jorrit Folmer CISSP CCSP @jorritfolmer

Cyber Defense Engineering Consultant. Jorrit has implemented Security Incident and Event Management (SIEM) systems for government and financial organizations. He is the author of several popular add-ons for Splunk Enterprise Security to onboard and process security-related data sources. He also gives regular talks on topics intersecting data analytics and security monitoring.

Detecting APT29: MITRE EDR evaluations round 2

Which EDR vendor detects most APT29 steps? Based on MITRE's set of EDR evaluation results, I used Splunk to analyze their data.

Comparing MITRE EDR evaluations results for APT3

Which EDR vendor detects most APT3 steps? This is an analysis using Python and Splunk of the data MITRE published.