logo
Defence blues
Patterns and detection
  • Red wilds
  • Privacy greenhouse
  • Purple crossroads
  • Indigo observatory
  • Contact
Initializing search
    • Golem Trust Computing Ltd.
    • Department of Silent Stability
    • The Home for Bewildered Beasts of Legend
    • Stormforge training grounds
    • Honeytech for humans
    • Blue team @Purpleteaming
      • In the beginning …
      • Middle ground
      • End of story
        • Watching data being gathered
          • Patterns and detection
            • Collection: defender context
            • Detecting collection activity
          • Patterns and detection
            • Collection: defender context
            • Detecting collection activity
          • Collection activity hunting
        • Watching the exits
        • Limiting the blast radius
    • Blue team @SOC
    • Blue team for dev
    • Blue team @Home
    • Bulletproofing servers

    Patterns and detection¶

    Context and detection patterns for the collection phase, covering how attackers identify, aggregate, and stage data before exfiltration.

    • Collection: defender context
    • Detecting collection activity
    2026-03-25 20:00
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7