$ thruntr▌

Notes and thoughts from a threat hunter.

What this is

A newsletter for aspiring, beginner, and experienced threat hunters (or our other blue team colleagues). Some weeks it will be a hunt query breakdown. Some weeks it will be about workflow and methodology (I think about this too much). Other times it will just be a step back to ask where the industry, and threat hunting specifically, is heading.

What you get

Hands-on hunts

Detection use cases, hunt analytics, hypothesis design, and the logic behind them. Vendor-neutral in as many cases as possible because I have an allergy to vendor lock-in.

Tradecraft of the week

AI agent detection, LOLBAS, emerging TTPs, supply chain (looking at you, NPM), etc. I’ll do my best to keep you apprised of interesting and novel methodology as it arises.

Methodology

How to structure a hunt, and how to keep a hunt program from rotting once you have a hundred of them. Discussions on some of the more popular frameworks like PEAK, ATHF, TaHiTI, and whatever comes next.

The bigger picture

Where threat hunting is going as agents, automation, and AI-native workflows reshape the SOC. Opinions, predictions, and the occasional argument when I just can’t help myself.

Tools I find and build

What I’m trying, what I’m building, and what’s actually worth your time. Only the useful stuff; this isn’t a vendor press release aggregator.

Who I am

Glenn Barrett. Active threat hunter, methodology nerd, and occasional strong opinion. 20+ years of infosec across incident response, detection engineering, and threat hunting.

This newsletter is personal. Opinions are my own. Built entirely on public intel, vendor documentation, generalizable patterns, and original synthesis. Nothing here comes from any employer’s internal hunts, IOCs, detections, or incidents.

Why subscribe?

Subscribe to get full access to the newsletter and publication archives.

Stay up-to-date

Never miss an update—every new post is sent directly to your email inbox. For a spam-free, ad-free reading experience, plus audio and community features, get the Substack app.


Exploring what's new in threat hunting, from agentic AI to emerging tradecraft and the tools I find and build along the way.
