Chris Truncer's Avatar

Chris Truncer

@christruncer.bsky.social

Deputy Chief Red Team @ CISA && BJJ && Open Source Dev

613 Followers  |  126 Following  |  173 Posts  |  Joined: 01.09.2023
Posts Following

Posts by Chris Truncer (@christruncer.bsky.social)

Man, I love Makar and MacKinnon, but boy did Makar make USA sweat after making that goal to tie it up, along with all the shots Canada had, including Toews.

22.02.2026 17:22 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Insane game

22.02.2026 16:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Woke up early to get to watch Team USA win hockey gold. Such an amazing thing to see, I am so pumped. First time since 1980!

22.02.2026 16:22 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Definitely agree

20.02.2026 17:52 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

I think I can mostly agree with that. Makes sense

20.02.2026 16:55 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
a man wearing sunglasses and a bandana says " yeah brother " in front of a crowd ALT: a man wearing sunglasses and a bandana says " yeah brother " in front of a crowd
20.02.2026 16:55 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

To go off my previous post. I think testing AI is more than valid security testing. But in my mind red teaming is about testing defenders, detections, and improving response.

When targeting AI, that isn’t it. It’s not red teaming.

But I’m open to different opinions.

20.02.2026 16:43 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 3    πŸ“Œ 0

So, question if the day from me. Can you β€œred team” AI?

I’ve seen groups and people state that they red team AI. Is it more prompt injection? Are you actively helping defenders build and scale their defenses or test their responses? Is this more a pen test vs real red team?

20.02.2026 16:08 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

There are other ways to setup your system for telemetry if you are looking to see what can avoid detection.

But if you want to test your latest hotness against prevention of code execution, definitely test it against WDAC.

Find something that gets around it? Now that’s useful.

29.01.2026 20:56 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

WDAC will block everything you don’t trust, even to the point you could theoretically end up boot looping your Windows box if you’re trying to load untrusted drivers, or drivers you didn’t actually allow that you need.

Ask me how I know….

29.01.2026 20:53 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
SAINTCON 2018 - Chris Truncer - Introducing Effective Controls in your Environment with Windows Defe
Title: Introducing Effective Controls in your Environment with Windows Defender Application Control Speaker: Chris Truncer Conference: SAINTCON 2018 Location: Track 1 Date: 2018-09-26 Time: 10:00am… SAINTCON 2018 - Chris Truncer - Introducing Effective Controls in your Environment with Windows Defe

Since a lot of talk I’m seeing lately is about good defenses, especially for initial access, I’ve been preaching the good news about WDAC (formerly my fav name of Device Guard) for a while.

I think a properly set up WDAC is the bar which to test access - youtu.be/sWjhuVsSEks?...

29.01.2026 20:46 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Loving the start of my day with an email from @ISC2 saying they are auditing submission that I uploaded (with a screenshot), for a total of 1 credit hour.

Β―\_(ツ)_/Β―

Enjoy

15.01.2026 14:45 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Oh great, looks like a ton of data from a Wired breach just was published.

28.12.2025 21:48 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I’ve had zero clue there was even a heisman race this year

14.12.2025 01:07 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

I’ve not been at gyms before where they give stripes, so this is a first, typically just belts. But I’m now a one stripe brown belt in jiu jitsu. I plenty of rolls after.

And a good day

07.12.2025 02:49 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I assume a lot of people have been playing with it, but I love testing and using @tailscale. It’s been nice being able to set up a private network, and love the wireguard usage overall.

Anyone using it for anything niche or cool?

20.11.2025 02:09 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Man, 3 rounds in and Schevchenko is dominating this fight so far.

16.11.2025 04:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Same with a cruise

13.11.2025 14:04 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Pretty much this

13.11.2025 14:04 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Yup!

13.11.2025 14:03 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Lucky you, it was me!

13.11.2025 14:03 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

My kid just asked me if dishwashers were around when I was a kid.

What the f

13.11.2025 02:22 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0

Why is isc2.org asking to know my location just when going to their main website? That’s absolutely unnecessary.

30.10.2025 17:47 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Who in their right mind likes puffy Cheetos?

By far crunchy is way superior.

30.10.2025 13:40 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Getting to check out @BsidesCOS today, looking forward to it!

25.10.2025 15:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Ha, you all are awesome!

22.10.2025 16:19 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Well FCA (Jeep, etc.) just sent notice they were breached and lost some data, names, addresses, etc.

Glad they had my data

02.10.2025 19:24 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Just so everyone is aware, there’s 58 million pounds of corn dogs being recalled as we speak due to possible wood in the batter.

You know, minus the giant wood stick it is embedded on.

The more you know.

29.09.2025 12:34 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Love seeing Clemson lose. I cannot stand Dabo Swinney.

What guy did the curse this year saying he would eat dog poop then didn’t?

20.09.2025 22:44 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

That would be interesting to see, little snitch hasn't seemed to pop that up yet

20.09.2025 02:40 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0