r/blueteamsec

68k members
r/blueteamsec is a subreddit with 68k members. The most common kinds of discussions are news and ideas, and the community frequently discusses security, malware, analysis, vulnerabilities, and vulnerability.
We focus on technical intelligence, research and engineering to help operational [blue|purple] teams defend their estates and have awareness of the world. Our primary home is on Lemmy after the great ban debacle of 2025.

Popular Themes in r/blueteamsec

#1 News: "Where Have All the Complex Windows Malware and Their Analyses Gone?" (30 posts)
#2 Ideas: "Introducing Package Proxy: supply-chain safety checks without client-side software" (10 posts)
#3 Solution Requests: "KQLab - open-source query manager for SOC teams" (7 posts)
#4 Advice Requests: "Built an open-source Distributed Deception Hub (Micro-SIEM) to replace noisy alerts with high-fidelity tripwires. Looking for operational feedback." (6 posts)
#5 Pain & Anger: "Warning: Deribit silently patches critical security flaws and ghosts the researchers. Can we trust an exchange that hides its vulnerabilities?" (2 posts)

Popular Topics in r/blueteamsec

#1 Security: "Warning: Deribit silently patches critical Security flaws and ghosts the researchers. Can we trust an exchange that hides its vulnerabilities?" (86 posts)
#2 Malware: "I analyzed 196k+ Sysmon events and found APT29 staging Malware in Temp. Here is my detection logic." (45 posts)
#3 Analysis: "goodboy-framework: 15-stage Windows malware development & Analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal." (36 posts)
#4 Vulnerabilities: "CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path" (29 posts)
#5 Vulnerability: "Disclosing PhantomRPC – a privilege escalation Vulnerability in RPC" (25 posts)
#6 Cybersecurity: "Where Have All the Complex Windows Malware and Their Analyses Gone?" (25 posts)
#7 Exploitation: "CrowdStrike LogScale queries I use to detect LOLBin- built from 10 years of production SOC work" (24 posts)
#8 Threat: "The Accidental C2: Exploring Dev Tunnels for Remote Access" (19 posts)
#9 Incident: "The Accidental C2: Exploring Dev Tunnels for Remote Access" (14 posts)
#10 Ai: "Supporting Ai adoption for UK cyber defence" (13 posts)

Flair Used in r/blueteamsec

#1 highlevel summary|strategy (maybe technical): "Where Have All the Complex Windows Malware and Their Analyses Gone?" (32 posts)
#2 vulnerability (attack surface): "Microsoft Copilot Cowork Exfiltrates Files" (28 posts)
#3 research|capability (we need to defend against): "Benchmarking Self-Hosted LLMs for Offensive Security" (26 posts)
#4 incident writeup (who and how): "CrowdStrike LogScale queries I use to detect LOLBin- built from 10 years of production SOC work" (19 posts)
#5 tradecraft (how we defend): "VanGuard — open-source single-binary DFIR toolkit (Velociraptor, Hayabusa, Chainsaw, Loki, YARA) with TUI, air-gap support, and 28 pre-built use cases" (19 posts)
#6 discovery (how we find bad stuff): "One KQL query you should have saved in your toolkit (most don’t)" (16 posts)
#7 intelligence (threat actor activity): "Observed staged Endpoint DLP masquerade / DLL sideloading chain - IOCs included" (16 posts)
#8 low level tools|techniques|knowledge (work aids): "KQLab - open-source query manager for SOC teams" (13 posts)
#9 exploitation (what's being exploited): "Someone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them." (8 posts)
#10 malware analysis (like butterfly collections): "Living off the Land with VS Code: Inside a Sophisticated Phishing Campaign" (7 posts)

Member Growth in r/blueteamsec

Yearly: +14k members (26.5%)

Similar Subreddits to r/blueteamsec

r/blackhat: 113k members, 10.0% / yr
r/cybersecurity: 1.5M members, 19.6% / yr
r/cybersecurity_: 622 members, 111.6% / yr
r/cybersecurity_news: 15k members, 31.5% / yr
r/hacking: 3.0M members, 4.1% / yr
r/Infosec: 37k members, 27.9% / yr
r/InfoSecNews: 24k members, 20.4% / yr
r/netsec: 563k members, 6.7% / yr
r/pwnhub: 35k members, 428.3% / yr
r/SecOpsDaily: 11k members, 517.4% / yr

About

GummySearch helps people research Reddit communities by organizing activity, growth, themes, and post-level signals into one place.

This page gives a focused view of r/blueteamsec, including current member size, discussion patterns, product reviews, and related communities to explore.

This data is synced periodically so insights stay current and useful for ongoing research.

Last updated: June 9, 2026