The Vertex Project

After a long day of cactus-conning, join our happy hour on Friday in the Main Hall from 3-6PM, sponsored by Vertex.

Or afterwards at the afterparty at Level One from 6-7:30PM, sponsored by Arctic Wolf.

For CISO badge folks, on Saturday in the Delta happy hour is from 5-7:30PM.

See you TOMORROW!

Headed to @cactuscon.com tomorrow? Drinks are on us 🌵🍹

The Vertex Project is sponsoring Happy Hour (3–6 PM). Find Dylan Hennessy for drink tickets and come chat Vertex, Synapse, and investigations.

See you there.

Next week we’ll host our webinar with @censys.bsky.social! Attackers can rotate infrastructure faster than threat hunters can keep up. Learn how defenders can pivot from indicators to infrastructure-centric intelligence. @vtx-savage.bsky.social+@silascutler.bsky.social
vertex.link/events/censy...

Thank you @vertexproject.bsky.social for being #PIVOTcon26 Platinum Sponsor 🎉
Read more about them at vertex.link

They deliver #Synapse, advanced intelligence and analysis technology that transforms complex data into actionable insight.

Check our sponsors at pivotcon.org/sponsors

Our latest blog post highlights core insider threat lessons around collaboration, context, and analyst decision-making when clear red flags are absent. Find it here: vertex.link/blogs/inside...

2 weeks til our webinar with @censys.bsky.social! Attackers can rotate infrastructure faster than threat hunters can keep up. Learn how defenders can pivot from indicators to infrastructure-centric intelligence.
@vtx-savage.bsky.social + @silascutler.bsky.social

vertex.link/events/censy...

Insider threats won’t look like the stereotypical "hacker in a hoodie."

Operation Deepfake will challenge you to investigate an insider threat scenario using shared intel - not just indicators. Try it here: vertex.link/blogs/inside...

A bit of light-hearted fun from the latest Synapse + Optic release. The "colorize" command lets you specify runtime colors for nodes which take precedence over Workspace color configs. This hilarious example uses part of the node hash as a random color value 😂🤩🌈

How do you track DDoS infrastructure when C2 servers rarely last a day?

@vtx-savage.bsky.social and @silascutler.bsky.social are breaking down real-world DDoSia hunting using the Synapse-Censys Power-Up in our next webinar.
vertex.link/events/censy...

For those interested in participating, you can learn more about the challenge and how to access it here:https://vertex.link/blogs/insider-threat-challenge/

The Vertex Project's Insider Threat Challenge The Vertex Project recently debuted a hands-on insider threat analysis exercise - the Vertex Insider Threat Challenge - designed to bring realistic investigative scenarios to intelligence analysts and...

Our Insider Threat Challenge was featured in an @ooda original, highlighting how hands-on scenarios like Operation Deepfake help analysts practice real-world investigations.

🔒 Subscriber article: oodaloop.com/analysis/ood...

Join our webinar with @censys.bsky.social to learn how infrastructure-centric intel lets you pivot across ASNs, provider tiers, & rapidly changing adversary assets

Presented by @vtx-savage.bsky.social & @silascutler.bsky.social

vertex.link/events/censy...

Why do Views and Layers matter for security teams?

Because not all collaboration should be fully visible.

They let teams:
🔹Work in parallel
🔹Restrict access to sensitive data
🔹Collaborate securely

Learn more here: vertex.link/blogs/views-...
#CTI #Synapse

Can you catch an insider threat before it’s too late? Operation Deepfake - a hands-on insider threat challenge built in Vertex Synapse - is live.

Try it here: vertex.link/blogs/inside...

We’ve upgraded the Synapse data model!

The new inet:service:* forms replace the inet:web:* model offering broader flexibility and better detail for modeling online platforms, accounts, messages, and more.

Read all about it: vertex.link/blogs/inet-s...

We're hosting a webinar with @censys.bsky.social! Attackers can rotate infrastructure faster than threat hunters can keep up. Learn how defenders can pivot from indicators to infrastructure-centric intelligence.

@vtx-savage.bsky.social + @silascutler.bsky.social

vertex.link/events/censy...

🍾 Happy New Year to all! We’re closing out 2025 with momentum.

The Vertex Project turns 10 next year — and we have some exciting releases and stories planned.

Stay tuned.

vertex.link

Malware families aren’t always clear-cut. Here’s how Vertex analysts define and classify software for better accuracy. Read more: vertex.link/blogs/more-t...

Getting started with Synapse and Storm? Here are the top resources for mastering queries, workflows, and Power-Up development. Read more: vertex.link/blogs/synaps...

Query Pure Signal Data: Team Cymru Power-Up for Synapse Enterprise Instantly run Team Cymru Scout queries on the Pure Signal™ data ocean directly within Synapse Enterprise. See how to hunt for phishing infrastructure, analyze communication patterns, and unpack malici...

Team Cymru’s Synapse Power-Up embeds Scout’s Pure Signal™ data into Synapse Enterprise for richer, faster investigations. Read how here: www.team-cymru.com/post/query-s...

Do you love a good mystery? Our CYBERWARCON insider-threat analysis challenge is now available in the Vertex Intel-Sharing Synapse Instance. It’s like Clue, but even better! Find it here: vertex.link/blogs/inside...

Did you know Synapse has a Power-Up for ReversingLabs? It lets you query the ReversingLabs API directly from Synapse using your existing key - perfect for submitting files and pulling scan results.
Learn more: synapse.docs.vertex.link/projects/rap...

Security frameworks fail on software supply chain risk | ReversingLabs Researchers studied how well the top frameworks mitigate modern attack techniques. They found serious security gaps.

@invisig0th.bsky.social underscores why security frameworks are a starting point, not a finish line. Strong supply-chain security is in the execution. Read more from @reversinglabs.com: www.reversinglabs.com/blog/securit...

The Vertex Project’s Slack community isn’t just chatter - it’s where intelligence insights happen.

Join discussions on data modeling, enrichment, and operationalizing analysis with Synapse. Find us here: v.vtx.lk/slack

Principal Researcher Company Description: Our MissionAt Palo Alto Networks® everything starts and ends with our mission:Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world...

Palo Alto Unit 42 has another job opening looking for #synapse experience on a high impact team! 💚🤩🎉
jobs.smartrecruiters.com/PaloAltoNetw...

We recently released the Synapse @Feedly Power-Up! Ingest Feedly TI API feeds into Synapse, model articles as media:news, link indicators, and automate daily/hourly pulls to speed up reporting + enrichment. Learn more: synapse.docs.vertex.link/projects/rap...

ICYMI: @sentinelone.com released a new Synapse power-up for Validin giving analysts faster pivots across DNS history, certs, WHOIS + web content to reveal hidden related infrastructure. Get the full story here: www.sentinelone.com/labs/threat-...

We loved seeing folks at CYBERWARCON! Thanks for attending our workshop, checking out Synapse in action, grabbing swag, and playing Go with us on our custom board!
vertex.link/events/cyber...

Adversaries move fast, but their infrastructure patterns betray them. Our new @vertexproject.bsky.social Synapse Rapid Power-Up for Validin, built in-house by @sentinellabs.bsky.social engineers and open-sourced, makes those patterns visible — and operational for analysts. s1.ai/sv-pwrup

Had a fantastic time seeing new faces and catching up with old friends at #CYBERWARCON this week! Thanks to everyone who said hello, stopped by the @vertexproject.bsky.social booth, or participated in our #Synapse challenge. And thanks to @hultquist.bsky.social for a fantastic event!