20 cybersecurity projects on GitHub you should check out

Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. From vulnerability scanning and network monitoring to encryption and inciden…

Dancho Danchev’s Blog – Proprietary MISP (Malware Information Sharing Platform) Instance Running – Request Access Today!

Dear blog readers, This is Dancho. I wanted to let everyone know that I’ve recently started running a proprietary MISP (Malware Information Sharing Platform) instance where I distribute and share most of my proprietary research with a variety of third-p…

Intel 471 and MISP help users maximize data value without unmanageable complexity

Intel 471 has announced the release of a MISP integration with premium cybercrime feeds. MISP is an open source threat intelligence platform for gathering, sharing, storing and correlating indicators of compromise (IoCs) of targeted attacks, threat int…

Monitoring MISP with Nagios

Yesterday, a very interesting article was published on the MISP blog by my friend Koen about a solution to monitor a MISP instance with Cacti. Monitoring your threat intelligence platform is always a good idea because many other tools depend on it. You can feed other tools with MISP data

The post Monitoring MISP with Nagios appeared first on /dev/random.


[SANS ISC] Simple Blacklisting with MISP & pfSense

I published the following diary on isc.sans.edu: “Simple Blacklisting with MISP & pfSense“: Here is an example of a simple but effective blacklist system that I’m using on my pfSense firewalls. pfSense is a very modular firewall that can be expanded with many packages. About blacklists, there is a well-known

The post [SANS ISC] Simple Blacklisting with MISP & pfSense appeared first on /dev/random.


Zeek & Sigma: Fully Compatible for Cross-SIEM Detections

By Alex Kirk, Corelight Global Principal for Suricata Corelight recently teamed up with SOC Prime, creators of advanced cyber analytics platforms, to add support for the entire Zeek data set into Sigma, the only generic signature language that enables …

[SANS ISC] Querying DShield from Cortex

I published the following diary on isc.sans.edu: “Querying DShield from Cortex”: Cortex is a tool that is part of the TheHive project. As stated on the website, it is a “Powerful Observable Analysis Engine”. Cortex can analyze observables like IP addresses, emails, hashes, filenames against a huge (and growing) list of online services.

The post [SANS ISC] Querying DShield from Cortex was first published on /dev/random.