Skip Navigation
Get a Demo
 
Senior Threat Researcher

Justin Schoenfeld

Justin is responsible for analyzing new cloud attack techniques and understanding different telemetry sources. He gained his B.A. in Computing Security from the Rochester Institute of Technology. His love for cloud and identity telemetry came from his experience with analyzing email-based attacks while serving as a detection engineer within Red Canary's Customer Security Operations team.
How adversaries use Entra ID service principals in business email compromise schemes
How adversaries use Entra ID service principals in business email compromise schemes
Investigating legacy authentication: The curious case of “BAV2ROPC”
Investigating legacy authentication: The curious case of “BAV2ROPC”
Diary of a Detection Engineer: Exposing and shutting down an inbox heist in action
Diary of a Detection Engineer: Exposing and shutting down an inbox heist in action
Cloud coverage: Detecting an email payroll diversion attack
Cloud coverage: Detecting an email payroll diversion attack
Detecting suspicious email forwarding rules in Office 365
Detecting suspicious email forwarding rules in Office 365
Remote access tool or trojan? How to detect misbehaving RATs
Remote access tool or trojan? How to detect misbehaving RATs
Rclone Wars: Transferring leverage in a ransomware attack
Rclone Wars: Transferring leverage in a ransomware attack
Catch me if you code: how to detect process masquerading
Catch me if you code: how to detect process masquerading
 
 
Back to Top