Speed matters in threat hunting.
We built high-performance historical hunting and detection backtesting at Sublime that scales to millions of messages without slowing analysts down.
Read the technical deep dive: https://t.co/gHhnCsaVHE
@sublime_sec TL;DR: How to make ~90% similarity search
Instead of one hash for a 100% match,
1. Use many min hashes (400-500)
2. Group those into a handful of big hashes (10-20)
3. Find an exact matching big hash to get close
4. Count matching small hashes to calculate similarity
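The four steps above as a runnable example; this is added here and is not code from the post or from Sublime. It assumes word 3-gram shingles, 64-bit blake2b base hashes fed into a fixed-seed universal hash family, and constructed sample messages (a personalised phishing template and an unrelated notice).

```python
import hashlib
import random
NUM_HASHES = 400                  # step 1: many small hashes (400-500)
NUM_BANDS = 20                    # step 2: a handful of big hashes (10-20)
ROWS = NUM_HASHES // NUM_BANDS    # small hashes folded into each big hash
PRIME = (1 << 61) - 1
_rng = random.Random(20231207)    # fixed seed: the whole index must share one hash family
COEFFS = [(_rng.randrange(1, PRIME), _rng.randrange(PRIME)) for _ in range(NUM_HASHES)]

def shingle_hashes(text, k=3):
    # Word k-grams (assumed tokenisation; the post does not specify one), each hashed to 64 bits.
    words = text.lower().split()
    grams = {" ".join(words[i:i + k]) for i in range(max(1, len(words) - k + 1))}
    return [int.from_bytes(hashlib.blake2b(g.encode(), digest_size=8).digest(), "little") for g in grams]

def minhash(text):
    # Step 1: for each of the NUM_HASHES universal hashes, keep the minimum over all shingles.
    hashes = shingle_hashes(text)
    return [min((a * x + b) % PRIME for x in hashes) for a, b in COEFFS]

def big_hashes(sig):
    # Step 2: hash each band of ROWS consecutive small hashes into one exact-match key.
    return [hashlib.blake2b(repr(sig[b * ROWS:(b + 1) * ROWS]).encode(), digest_size=8).hexdigest() for b in range(NUM_BANDS)]

def similarity(sig_a, sig_b):
    # Step 4: the fraction of matching small hashes estimates the Jaccard similarity.
    return sum(a == b for a, b in zip(sig_a, sig_b)) / NUM_HASHES

class SimilarityIndex:
    def __init__(self):
        self.signatures = {}   # message id -> signature
        self.buckets = {}      # (band, big hash) -> ids of messages sharing that big hash
    def add(self, msg_id, text):
        sig = minhash(text)
        self.signatures[msg_id] = sig
        for band, key in enumerate(big_hashes(sig)):
            self.buckets.setdefault((band, key), set()).add(msg_id)

    def query(self, text, threshold=0.9):
        # Step 3: one shared big hash makes a candidate; step 4 then scores candidates only.
        sig = minhash(text)
        candidates = set().union(*(self.buckets.get(bk, set()) for bk in enumerate(big_hashes(sig))))
        scored = [(cid, similarity(sig, self.signatures[cid])) for cid in candidates]
        return sorted([r for r in scored if r[1] >= threshold], key=lambda r: -r[1])

TEMPLATE = (  # constructed sample: a phishing template personalised per recipient
    "{name}, your mailbox has exceeded its storage quota and incoming messages are being delayed. "
    "To avoid interruption, please verify your account within 24 hours using the secure link below. "
    "This is an automated notification from the IT Service Desk; do not reply. Thank you for your prompt attention.")
UNRELATED = "Reminder: the quarterly all-hands is moved to Thursday at 3pm in the main conference room."
```

With 20 rows per band, a candidate is only surfaced when all 20 small hashes of some band agree, which is why the scheme is tuned for roughly 90% similarity and misses looser matches by design.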
I'm definitely feeling warm and fuzzy hashes this holiday season. Fast similarity is something that stumped me for a very long time, but MinHash turned out to be an elegant solution!
Wrote up how to build it from scratch on the @sublime_sec blog
Grouping similar emails creates herd immunity and boosts analyst productivity. We built a low-latency similarity system that groups millions of messages in milliseconds. Technical deep dive: https://t.co/WD5t4gKNbX
We’re excited to announce that Sublime has raised $150M in a Series C led by @Georgian_io, joined by new investors @Avenir_Growth, @01Advisors, @jonoberheide, and @nicoleperlroth, and existing investors @IndexVentures, @IVP, @slow, and @CitiVentures.
This year we launched ASA and ADÉ, our AI agents that autonomously triage threats and auto-adapt coverage, freeing security teams from repetitive work and delivering rapid, tailored defenses. We’ve grown our customer base 4x since the beginning of the year while maintaining zero enterprise customer churn since company inception.
This funding accelerates our vision to deliver autonomous email security that adapts to each organization's unique needs, stopping sophisticated attacks while eliminating the manual work and vendor bottlenecks of legacy solutions.
Thank you to our customers, partners, and investors for being on this journey with us.
🔗 Read more: https://t.co/6YuVmw9ZqS
Introducing email bomb protection from Sublime: a powerful solution for automatically detecting, remediating, and triaging email bombs. In these attacks, an adversary will send hundreds or thousands of emails at once to flood an inbox and obfuscate the malicious intent. Learn how our solution works and how to use it: https://t.co/hSc8ONYM4V
this was a very cool problem to solve with @filar! It's such a natural evolution of the platform, which has been group-centric since day 1.
Fellow nerds, look out for an engineering post about how "fuzzy" grouping works and the scaling+realtime challenges we had to overcome
Mass volume email attack campaigns are often customized to the recipient to increase legitimacy.
We recently improved our campaign grouping algorithm to be better at identifying similar messages in a campaign to cut review time, reduce alerts, and boost herd immunity.
Read how it works here: https://t.co/xI8dfDWqKa
@jonathanbourke @sublime_sec Happy to help you debug! Do you mind hopping in our community Slack so we can take a look? Twitter replies are just so painful for the back and forth, and I find it way more productive
@GabrielLandau Could also cheaply hash the first 1K with an 8 byte hash and the full contents as a SHA256 hash. One fast, one slow. Since many binaries are aligned by the KB or half-KB (as @Andrew___Morris can attest), there's not as much entropy in the file size as you'd think.