[0x5B4265473030445D] - The Meet

We keep moving, no brakes, just more signals to explore and systems to break (and fix). April brings another round of sharp content, real-world insights, and hands-on lessons from practitioners on both sides. If you enjoyed the insights from the last event, this one is definitely for you.

To kick things off, Simão Ribeiro (@BLUECAP.​ONE) will walk us through the journey from manual SOC triage to building an AI-assisted investigation pipeline where humans remain in control at every critical step. Rather than replacing analysts, this approach leverages supervised autonomy to reduce alert fatigue, accelerate investigations, and enforce structured, auditable evidence handling. Expect practical insights into real-world engineering decisions, from agent pipelines and multi-model routing to how proper planning, evidence tracking, and modular design can turn AI into a reliable ally in modern security operations.

Still not satisfied? No worries, the cat-and-mouse game continues. Back on our stage, Rodrigo Lima (@Pengrey) will show how trusted, already-installed extensions can be turned against the organization in post-compromise scenarios, extending access, expanding footholds, and transforming legitimate tooling into an unexpected attack surface.

Just a friendly reminder, this is an in-person event. Before RSVPing, please double-check that you can attend and be there in person. Good logistics rely on it!

In the meantime, you can join our Slack chat to discuss all kinds of hackish stuff and, of course, interact with other members.

Don't miss out. Your FOMO will be justified if you are looking to level up your security game.

[Goals]

Learn something new, get to know other g33ks, and, the most important thing, have fun.

[Agenda]

- "SOC AI  ̵A̵u̵t̵o̵m̵a̵t̵i̵o̵n̵ Full Assistant: Humans in Control" (PT/EN) by Simão Ribeiro (@BLUECAP.​ONE)
- "Extending My Access" (PT/EN) by Rodrigo Lima (@Pengrey)

[Challenge]

Sub: Internal Memo

The warehouse gateway (https://madlabs.pw/) just got a major upgrade and now proudly supports modern protocols. Unfortunately, not all systems were as lucky. There have been whispers that clever operators might smuggle something unintended past the gateway… but it’s probably nothing.

Carry on and report any anomalies to (@)dinho or (@)simps0n.