Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats

Cynet Free IR empowers its users with a solution that is accessible and easy to use, bringing crucial incident response services in-house, while saving them valuable time and resources. Continue reading Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats

[SANS ISC] Querying DShield from Cortex

I published the following diary on isc.sans.edu: “Querying DShield from Cortex”: Cortex is a tool part of the TheHive project. As stated on the website, it is a “Powerful Observable Analysis Engine”. Cortex can analyze observables like IP addresses, emails, hashes, filenames against a huge (and growing) list of online services.

[The post [SANS ISC] Querying DShield from Cortex has been first published on /dev/random]

Continue reading [SANS ISC] Querying DShield from Cortex

[SANS ISC] The real value of an IOC?

I published the following diary on isc.sans.org: “The real value of an IOC?“: When a new malware sample is analysed by a security researcher, details are usually posted online with details of the behaviour and, based on this, a list of IOCs or “Indicators of Compromise” is published. Those indicators

[The post [SANS ISC] The real value of an IOC? has been first published on /dev/random]

Continue reading [SANS ISC] The real value of an IOC?

[SANS ISC] Extending Hunting Capabilities in Your Network

I published the following diary on isc.sans.org: “Extending Hunting Capabilities in Your Network“: Today’s diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first

[The post [SANS ISC] Extending Hunting Capabilities in Your Network has been first published on /dev/random]

Continue reading [SANS ISC] Extending Hunting Capabilities in Your Network