Sample of my present & past research publications & presentations
Introducing the Splunk Technology Add-on for Ollama: Illuminating Shadow AI Deployments
Getting Started With Copilot Log Analysis for Security in Microsoft 365 With Splunk
Using Splunk to Develop Local LLM MCP Mitre Atlas Detections
Using Splunk to Monitor the Security of MCP Servers
How to Use Splunk to Monitor Security of Local LLMs (Part II)
How To Use Splunk To Monitor Security of Local LLMs (Part I)
STRT – Infostealer Campaign against ISPs
Black Hat Arsenal USA – 2024 – Splunk Attack Range
Hackmiami – Introduction to LangChain – March 2024
STRT – Detecting WS FTP Server exploitation with Attack Range – Oct 2023
Hackmiami – Robots 101 – Interacting Attacking AI Robot – May 2023
STRT – CISA Top 10 Malware – January 2023
A DCO Force-Multiplier; STRT Detections of Destructive Payloads – July 2022
STRT – Industroyer2 – June 2022
STRT – CPE Destructive software – April 2022
STRT – Threat Update Caddy Wiper – April 2022
STRT – Threat Update Double Zero Destructor – March 2022
STRT – Detecting HermeticWiper & Ransomware Decoy – Mar 2022
STRT – TA02 – Threat Advisory. Destructive Software – Jan 2022
Approaching Linux Post Exploitation with Splunk Attack Range. SPLUNK STRT – Jan 2022
DEF CON 29 Cloud Village – Rod Soto – Detection Challenges in Cloud Connected Credential Attacks
Black Hat Europe 2021 – Git Wild Hunt. A Tool for Hunting Leaked Credentials
Black Hat Arsenal USA 2021 – Git Wild Hunt
Due to Less Pollution, Secrets Stored on the Cloud are Now Clearly Visible – RSA USA Conference 2021
Detecting Trickbot with Splunk
Hackmiami Meetup 02-06-2021 Whatsapp, Telegram & Signal attack vectors
Kitploit – GitWildHunt A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt
Black Hat Arsenal Europe 2020 – git-wild-hunt: Pwn API and leaked secrets
Purple Team Summit 2020 – Adversarial Attack Range with Splunk
Blog – Detecting Ryuk using Splunk Attack Range
Blog – Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials
DEF CON Safe Mode Red Team Village – Rod Soto – Have My Keys Been Pwned API Edition
Blog – Approaching Azure Kubernetes Security
Blog – Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk
Blog – Splunk Attack Range Now With Caldera and Kali Linux
Blog – Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)
Rod Soto – Jose Hernandez. DEFCON Red Team Village May-hem online summit 2020. Red Teaming Devops.
Rod Soto – Jose Hernandez. Hackmadrid %27 Online Meetup. Red Teaming Devops (In Spanish – Español)
Rod Soto – Attacking & Defending Against Drones. Pacific Hackers Online Meetup 2020.
Bsides SFO 2019 – Profiling “VIP Accounts” Access Patterns in User-Centric Data Streams
Shellbot Crimeware Re-Emerges in Monero Mining Campaign (Dark Reading)
BSides Las Vegas 2018 – I am the cavalry
IATC – Cavalry is ALL OF US – Joshua Corman, Beau Woods, Rod Soto, Travis Moore & Heath Wickline
DEFCON XXVI – Defcon Demo Labs – Chiron
Black Hat Arsenal USA 2018 – Chiron
Identiverse 2018 – SMS Vulnerabilities in Identity Management
SAMBA Protocol Vulnerabilities Threat Advisory – 2018 – JASK
Domain Impersonation / IDN Campaigns TA – 2018 – JASK
DerbyCon 2017 – Chiron Home based ML IDS with Joseph Zadeh
Hackmiami Conference 2017 – Detection of webshells in compromised perimeter assets using ML algorithms
RSA Conference 2017 – Automated Prevention of Ransomware with Machine Learning and GPOs
DEFCON 2016 – Packet Hacking Village Dynamic Population discovery for Lateral Movement Detection
Hackmiami Conference 2015 – Biohacking – Implantable chip attack vector Demo video
Aktaion – Signatureless Threat Detection. Open source ML tool for ransomware detection
The Lambda Defense: Functional Paradigms of Defense for Cybersecurity
BSides Orlando 2014 – Civilianization of War, paramilitarization of cyberspace and its implications for infosec pros
AKAMAI State of The Internet Q4-2014
DDoS attacks against global markets PLXSert – White Paper
