Netwitness Platform Integration with AWS Application Load Balancer Access logs (July 23, 2024). Load balancers sit in front of the servers, distribute and balance the network and application...
The Sky Is Crying: The Wake of the 19 JUL 2024 CrowdStrike Content Update for Microsoft Windows and We Should Take Away From It (July 20, 2024). Introduction: Yesterday was a challenging day for many organizations, teams, and individuals...
DDoS using BotNet Use Case (May 7, 2024). Introduction: The NetBot tool is a versatile command and control center (CCC) for DDoS Botnet Attack...
HYDRA Brute Force (May 7, 2024). Introduction: Hydra stands as a formidable tool in the arsenal of cybersecurity professionals and...
A Closer Look at Advanced EPL (ESA) Through a Rule and its Components (March 13, 2024). It is no secret that getting your head around the capabilities or syntax of Esper EPL can be...
FirstWatch Threat Spotlight – Remcos RAT (August 22, 2023). Summary: Remcos is a closed-source tool that is marketed as a remote control and surveillance...
Content Hygiene – Application Rule Alert Mapping Updates (July 11, 2023). To help facilitate future content improvements such as new bundles and feeds, we have adjusted the...
Microsoft Azure Log Analytics workspace integration with Netwitness (May 25, 2023). Azure Log Analytics workspace is a unique environment for log data from Azure Monitor and other...
File Activity Alert Optimization in Multi-EPS Deployment (March 16, 2023). In 12.1 and older versions, if a file present on a host such as Host 1 was found malicious or...
Threat Profile Series: An Introduction to Royal Ransomware (March 14, 2023). Towards the end of 2022, researchers at SOCRadar recognized a relatively new cyber gang, Royal, as...