Greg Foss's Avatar

Greg Foss

@gregfoss.com.bsky.social

Detection Engineering Leader @ Datadog Views are strictly my own

904 Followers  |  351 Following  |  7 Posts  |  Joined: 04.11.2024  |  1.7532

Latest posts by gregfoss.com on Bluesky

Preview
Beyond Mimo’lette: Tracking Mimo's Expansion to Magento CMS and Docker | Datadog Security Labs This post reports on activity from the 'Mimo' threat actor.

Beyond Mimo’lette: Tracking Mimo's Expansion to Magento CMS and Docker

securitylabs.datadoghq.com/articles/bey...

21.07.2025 20:57 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

fwd:cloudsec is around the corner! Don't miss these 3 talks from Datadog researchers Seth Sec, Katie Knowles, Greg Foss, and Anthony Randazzo.

fwdcloudsec.org/conference/n...

@sethsec.bsky.social
@siigil.bsky.social
@gregfoss.com

27.06.2025 21:02 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Datadog Detect: Scale your Security Operations with Detection Engineering | Datadog See metrics from all of your apps, tools & services in one place with Datadog's cloud monitoring as a service solution. Try it for free.

I'm so excited to announce that Datadog Security Research is launching a FREE, fully-online, Detection Engineering focused conference called Datadog Detect!

bit.ly/datadog-detect

Our lineup is incredible with experts in the field of detection, response and threat intelligence.

10.05.2025 18:14 β€” πŸ‘ 9    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
fwd:cloudsec 2025 Speaker Bios & Abstracts | fwd:cloudsec fwd:cloudsec is a non-profit conference on cloud security. At this conference you can expect discussions about all the major cloud platforms, both attack and defense research, limitations of security...

Excited to speak at @fwdcloudsec.org in Denver on June 30 with Anthony Randazzo! We’ll share lessons from a year of cloud threat hunting.

Don’t miss other @securitylabs.datadoghq.com talks from @siigil.bsky.social on EntraID escalation and @sethsec.bsky.social on AMI name confusion as well!

19.05.2025 17:24 β€” πŸ‘ 7    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Datadog at RSA Conference 2025 | Datadog Datadog at RSA Conference 2025

@datadoghq.com Security Research is heading to RSAC next week! Come join us for any of our talks on the main stage, meet our research team at the Datadog booth, or attend some of the leadership events below!

www.datadoghq.com/event/rsa202...

21.04.2025 14:39 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

yup - xmind! 😊

24.01.2025 23:08 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Datadog threat roundup: top insights for Q4 2024 | Datadog Security Labs Threat insights from Datadog Security Labs for Q4 2024.

Today our #Datadog Security Research and Detection Engineering team released our first threat roundup report!

Datadog has unique visibility into threat actor activity targeting cloud environments and this report highlights our key findings from Q4 2024.

securitylabs.datadoghq.com/articles/202...

24.01.2025 20:45 β€” πŸ‘ 12    πŸ” 4    πŸ’¬ 1    πŸ“Œ 1
Post image

DHS has terminated the memberships of everyone on its advisory committees.

This includes several cyber committees, like CISA's advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon.

That review is "dead," person familiar says.

www.documentcloud.org/documents/25...

21.01.2025 20:43 β€” πŸ‘ 1084    πŸ” 614    πŸ’¬ 54    πŸ“Œ 186

I have a similar device that’s jerry-rigged to push my garage door button. By far my favorite and most ghetto home automation tool πŸ˜…

17.12.2024 23:13 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

So sorry for your loss πŸ˜₯ <hugs>

17.12.2024 21:16 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

"Tales from the cloud trenches: Unwanted visitor"

securitylabs.datadoghq.com/articles/tal...

This post describes an attacker that we've observed in the wild, including a malicious AWS account ID used to create a backdoor IAM role.

11.12.2024 21:43 β€” πŸ‘ 20    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0
Preview
Introducing Supply-Chain Firewall: Protecting Developers from Malicious Open Source Packages | Datadog Security Labs Release of Supply-Chain Firewall, an open source tool for preventing the installation of malicious PyPI and npm packages

New from Datadog Security Research! Threat actors are constantly publishing backdoored software libraries to steal credentials, get C2, and more. @ikretz.bsky.social did something about it. Meet the Supply-Chain Firewall, a tool to block malicious packages.
securitylabs.datadoghq.com/articles/int...

06.12.2024 15:13 β€” πŸ‘ 20    πŸ” 7    πŸ’¬ 0    πŸ“Œ 2
Preview
Exploring Google Cloud Default Service Accounts: Deep Dive and Real-World Adoption Trends | Datadog Security Labs This post offers a deep dive into Google Cloud’s default service accounts, explaining their functionality, risks, and real-world adoption trends.

Exploring Google Cloud Default Service Accounts: Deep Dive and Real-World Adoption Trends

securitylabs.datadoghq.com/articles/goo...

by @christophetd.fr

29.11.2024 12:37 β€” πŸ‘ 10    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - DataDog/guarddog: :snake: GuardDog is a CLI tool to Identify malicious PyPI and npm packages :snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages - GitHub - DataDog/guarddog: :snake: GuardDog is a CLI tool to Identify malicious PyPI and npm packages

I will be presenting Guarddog github.com/datadog/guar... at Blackhat MEA next week. If you will be there come and say Hi

22.11.2024 07:15 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

I made a Detection Engineering starter pack, will be adding more as more folks jump over to bluesky! go.bsky.app/HenXJUR

18.11.2024 15:37 β€” πŸ‘ 125    πŸ” 55    πŸ’¬ 9    πŸ“Œ 3
Posts by Category This site hosts a list of talks from various conferences on the topic of Cloud Native security.

If you're looking for the security talks from Kubecon NA 2024, I've added the abstracts and Youtube embeds to talks.container-security.site/categories/#... .

There's also talks going back to 2016 in case you really want to watch a lot of container security videos!

18.11.2024 19:27 β€” πŸ‘ 36    πŸ” 10    πŸ’¬ 3    πŸ“Œ 0

Hey man! I am bummed I couldn't make it, but very happy that you and others from the squad were able to join! Excited for her next adventure! πŸ˜„

18.11.2024 18:01 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Want to keep up to date with Datadog’s Cloud Security Research? We’ve got a starter pack for that. All of our researchers in one feed.
go.bsky.app/8XpcFm5

18.11.2024 13:21 β€” πŸ‘ 38    πŸ” 15    πŸ’¬ 0    πŸ“Œ 3

hello world πŸ‘‹

04.11.2024 18:50 β€” πŸ‘ 14    πŸ” 1    πŸ’¬ 2    πŸ“Œ 0

@gregfoss.com is following 20 prominent accounts