Detecting Lateral Movement in RSA NetWitness: Winexe
April 10, 2019
Introduction Lateral movement is a technique that enables an adversary to access and control remote...
Detecting Lateral Movement in RSA NetWitness: WMI
April 9, 2019
Introduction Lateral movement is a technique that enables an adversary to access and control remote...
Threat Intel Integration with MISP and Minemeld
April 5, 2019
RSA NetWitness has a number of integrations with threat intel data providers but two that I have...
RSA NetWitness Platform Newsletter, April 2019, Issue #1
April 1, 2019
Hi Everyone, On behalf RSA NetWitness, we are excited to bring you our first issue of the RSA...
RSA Charge 2019: Register before April 2 and Save $400
March 28, 2019
This is not an April Fools’ Day joke – RSA Charge registration fees go up from $595 to $995 on...
Custom IIOC Creation in RSA NetWitness Endpoint v4.4
March 19, 2019
Instant Indicators of Compromise (IIOC)s are a feature within the NetWitness Endpoint (NWE)...
RSA NetWitness Packet Meta in ELK
March 11, 2019
In line with some of my other integrations, I recently decided to also create a proof-of-concept...
RSA NetWitness Endpoint Detection of New Microsoft Zero-Day Vulnerability
March 11, 2019
A question was posed to our team by one of the engineers; had we seen the new Chrome and Microsoft...
What's new with Device.IP
February 26, 2019
Recently, a question came from a customer who wanted to know if it was possible to alert when a new...
What's on your wire: The curious case of ICMP Tunneling
February 26, 2019
I've come across ICMP tunneling only a handful of times, but this was the first time I had seen it...