Detecting Command and Control in RSA NetWitness: PowerShell Empire
April 5, 2019
There are a myriad of post exploitation frameworks that can be deployed and utilized by anyone....
RSA NetWitness Log & Network Parser Meta Mapping
April 3, 2019
Often times, Administrators and Content Managers alike need more information regarding their...
RSA NetWitness Platform Newsletter, April 2019, Issue #1
April 1, 2019
Hi Everyone, On behalf RSA NetWitness, we are excited to bring you our first issue of the RSA...
RSA NetWitness Endpoint Application Rules Mapping with MITRE’s ATT&CK™
March 29, 2019
Introduction to MITRE’s ATT&CK™ Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) for...
RSA Charge 2019: Register before April 2 and Save $400
March 28, 2019
This is not an April Fools’ Day joke – RSA Charge registration fees go up from $595 to $995 on...
Cisco Umbrella Logs & RSA NetWitness Integration
March 26, 2019
Cisco Umbrella uses the internet’s infrastructure to block malicious destinations before a...
RSA NetWitness Detects New Phishing Vector
March 25, 2019
On a recent engagement, I took a different approach to finding possible malicious files entering...
Running RSA NetWitness in Mixed-Mode
March 20, 2019
This post details some of the implications of running in a mixed-mode environment. For the purposes...
Custom IIOC Creation in RSA NetWitness Endpoint v4.4
March 19, 2019
Instant Indicators of Compromise (IIOC)s are a feature within the NetWitness Endpoint (NWE)...
Azure Monitor & RSA NetWitness Integration
March 19, 2019
Customers that use Azure cloud infrastructure require the ability to enable their Security...