Microsoft

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

CTI-REALM is Microsoft’s open-source benchmark that evaluates AI agents on real-world detection engineering. It measures whether an agent can take cyber threat intelligence (CTI) and produce validated ...
WeLiveSecurity

EDR killers explained: Beyond the drivers

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers.