RSA NetWitness News Bytes: Investigate Query Hints
March 20, 2020
In RSA NetWitness 11.4 the Events workflow now provides analysts query hints to help them...
What's updog?
March 16, 2020
Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via...
Throwback C2 Thursday
March 5, 2020
This post is going to cover a slightly older C2 framework from Silent Break Security called, ...
Dell Technologies (RSA) Named a Leader in 2020 Gartner Magic Quadrant for SIEM
February 28, 2020
We are excited to share that Dell Technologies (RSA) has been positioned as a “Leader” by Gartner...
Identifying Multi-Valued Metas in the RSA NetWitness Platform
February 22, 2020
The concept of multi-valued meta keys - those which can appear multiple times within single...
Around the Fire With Old Friends (CVE-2019–0604, and CVE-2017-0144)
February 14, 2020
In this post we will cover CVE-2019-0604 (https://nvd.nist.gov/vuln/detail/CVE-2019-0604), albeit a...
11.4 AWS Full Stack Deployment
February 3, 2020
Hi everyone! In this video blog, I provide a demo of getting an 11.4 RSA NetWitness Platform full...
Using Respond for Data Exploration
January 31, 2020
Did you know that you can use Respond for data exploration, even if you aren't using it for...
Using the RSA NetWitness Platform to Detect C&C: goDoH
January 12, 2020
DNS over HTTPS (DoH) was introduced to increase privacy and help prevent against the manipulation...
Detecting DNS tunneling in RSA NetWitness: DNS2TCP
January 10, 2020
When performing network forensics, all protocols should be analysed, however, some tend to be more...