Joe Desimone

Verified account

@dez_

Security & AI @ Microsoft. Posts are my own

Joined May 2008

556 Following

10.4K Followers

1.4K Posts

dez_ retweeted

22 days ago

Our new multi-model agentic security system brings together more than 100 specialized agents across frontier and custom models to find exploitable bugs, delivering top performance on the CyberGym benchmark. We used it ahead of Patch Tuesday to help find and fix 16 vulnerabilities. Today we’re announcing that customers can sign up to test it in private preview. https://t.co/maAN55yZQ1

183

1K

196

248

177K

30 days ago

@HackingLZ Agreed thanks for sharing and writing it up

1

0

0

0

328

about 1 month ago

@_xpn_ @cryps1s I didn't know TLOs was built by @SpecterOps, great work! Is it available for other orgs who are interested in research and evals?

1

5

0

1

323

dez_ retweeted

AI Security Institute

@AISecurityInst

about 1 month ago

OpenAI’s GPT-5.5 is the second model to complete one of our multi-step cyber-attack simulations end-to-end 🧵

AISecurityInst's tweet photo. OpenAI’s GPT-5.5 is the second model to complete one of our multi-step cyber-attack simulations end-to-end 🧵 https://t.co/eQWYbYaa6w

95

2K

397

746

2M

Who to follow

Researcher @SpecterOps. Coding towards chaotic good while living on the decision boundary.

Steve YARA Synapse Miller

@stvemillertime

AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara

Roberto Rodriguez 🇵🇪

Verified account

AI Security Researcher @nvidia | Prev: @Microsoft @awscloud | Founder of the @OTR_Community

dez_ retweeted

Andrew Morris (afk)

@Andrew___Morris

about 1 month ago

Howdy folks! Taking a break from my twitter break to let yall know that we released a new @GreyNoiseIO product yesterday. It's called Project Swarm. We've been quietly not-so-quietly working on it for a few years. You can buy it now. It costs $1. There are lots of vulnerabilities on edge-facing apps. To catch in-the-wild exploitation of them, we @ GreyNoise run sensors on the internet. New AI models means more vulnerabilities being identified and exploited, and FASTER. Long term, software and hardware will probably get better, but in the meantime we're gonna have to deal with A LOT of vulnerabilities. At GreyNoise, the sensors we run are basically honeypots- we bait attackers to scan and exploit them which enables us to learn where the attackers are, which vulnerabilities they are exploiting, what it drops, and what it looks like on the wire. From ~2020-now it took us years to build up our fleet. Now anyone can use our new product to deploy their own sensors on their own networks, or an entire fleet of any size, in a day. You can rip back the data and do whatever you want with it. You can resell it, put it into your product, or just stare at it- whatever you want! On our side, we aggregate the data and pour it into a community dataset that everyone shares. As more people join, the data gets bigger and better. Couple neat features: - Sensor deployment is a single bash command on any modern linux distro that supports iptables and wireguard. - Sensors and vulnerable software (profiles) are abstracted into different logical concepts, which means the "what" and "where" are different things, and the sensor is not constrained by the compute required to run the vulnerable software. Also, no matter how hacked the profile (honeypot) gets, it can't touch your host sensor or the rest of your network. - Sensors can run fake honeypots, real software, or even real hardware (bridged with a raspberry pi) like old crappy routers and modems (or expensive firewalls and VPN gateways 👀) - You can create dynamic blocklists that block IPs sourced from your own sensors in real time, so if a remote IP address *looks at your network* the wrong way, you block them instantly. - All the PCAP data is available to you in a gorgeous and intuitive interface at near real time and fully enriched against all of our (thousands of) rules. We're working on the host metadata (malware, syscalls, host behaviors) as well, but this will come later. - If we don't tag a CVE that's interesting to you, you can write a Suricata rule to tag it yourself once and your data gets tagged with it in real time forever. - You can instantly download PCAPs of any exploits that hit your sensors. - If you don't want your data shared with the community dataset, you can talk to our team and we'll work out rights to make it private. Check it out! There's a lot of moving pieces to make this work and we expect bugs, but it's available right now. Join the fight! https://t.co/erAWtX1l7B

14

349

82

268

36K

dez_ retweeted

about 1 month ago

Patch your Linux boxes! https://t.co/VWOUDbLAn2 is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms. Found by the teams at @theori_io and @xint_official More details below https://t.co/9f6T96PvPX

24

971

362

457

249K

about 1 month ago

@_xpn_ @dwizzzleMSFT 😁💚

0

1

0

0

257

about 1 month ago

New adventure: wrapped week one at Microsoft Security! Working alongside @dwizzzleMSFT, who I plan to annoy with a backlog of questions. Excited to work on AI and security at planet scale 🤓

dez_'s tweet photo. New adventure: wrapped week one at Microsoft Security! Working alongside @dwizzzleMSFT, who I plan to annoy with a backlog of questions. Excited to work on AI and security at planet scale 🤓 https://t.co/0FRZrP1Kx4

about 2 months ago

After 10 years at Elastic/Endgame, today is my last day. Incredibly proud of what this small but mighty team has built. Working alongside our community of users has been one of the most rewarding parts of the journey. On to a very exciting new adventure soon, stayed tuned!

25

223

6

18

25K

12

101

0

8

9K

about 1 month ago

@Cyb3rWard0g @dwizzzleMSFT 💜

0

0

0

0

178

about 1 month ago

@JonnyJohnson_ @dwizzzleMSFT 💙

0

1

0

0

155

about 1 month ago

@ItsReallyNick @dwizzzleMSFT Can't wait Nick!

1

3

0

0

285

about 1 month ago

@HackingLZ @dwizzzleMSFT 👀🔭

0

1

0

0

292

about 1 month ago

@soolidsnakee @cyril_t_f @DanielStepanic @k33b0i Great read

0

2

0

0

353

about 1 month ago

@HackingLZ Nice!

0

2

0

0

1K

dez_ retweeted

about 1 month ago

Guess it worked

HackingLZ's tweet photo. Guess it worked https://t.co/lP7lwPEfI3

4

120

1

33

24K

about 2 months ago

@SquiblydooBlog @malbeacon Very!

0

3

0

1

263

about 2 months ago

Engineers at Microsoft have been busy. Today they patched 5 LPE vulns I submitted to their bounty program. All found with AI (not Mythos 😛) Cloud Files Mini Filter Driver - https://t.co/31LzeXBX4J Common Log File System Driver - https://t.co/l6KjFNfJQk Desktop Window Manager - https://t.co/pQwkE7wFzZ Desktop Window Manager - https://t.co/TKYuHqK37k Desktop Window Manager - https://t.co/NfPJZ79tDh

7

202

25

79

18K

about 2 months ago

@daveaitel @NateSilver538 Looks familiar 😆

dez_'s tweet photo. @daveaitel @NateSilver538 Looks familiar 😆 https://t.co/1MLLqBEVum

0

1

0

1

489

about 2 months ago

@N3mes1s @Gi7w0rm @wdormann @HaifeiLi @James_inthe_box @greglesnewich @vxunderground Another attempt at summarization here. Analysis + IoCs Adobe Reader ItW exploitation CVE-2026-34621 https://t.co/qp3snKR4Dg

0

3

1

1

546

Last Seen Users on Sotwe

Trends for you

Most Popular Users