Keeping an eye on your Hounds...
March 18, 2019
When attacking or defending a network it is important to know the strategic points of the...
Do you MFT? Here's an MFT Overview.
March 13, 2019
RSA Netwitness Endpoint (NWE) offers various ways to alert the analyst of potentially malicious...
RSA NetWitness Packet Meta in ELK
March 11, 2019
In line with some of my other integrations, I recently decided to also create a proof-of-concept...
RSA NetWitness Endpoint Detection of New Microsoft Zero-Day Vulnerability
March 11, 2019
A question was posed to our team by one of the engineers; had we seen the new Chrome and Microsoft...
Introducing RSA NetWitness Platform 11.3
March 5, 2019
We are excited to announce the latest version of the RSA NetWitness Platform! For those of you at...
Using RSA NetWitness to Detect Command and Control: PoshC2
March 4, 2019
Understanding how attackers may gain a foothold on your network is an important part of being an...
What's new with Device.IP
February 26, 2019
Recently, a question came from a customer who wanted to know if it was possible to alert when a new...
What's on your wire: The curious case of ICMP Tunneling
February 26, 2019
I've come across ICMP tunneling only a handful of times, but this was the first time I had seen it...
Hex Encoded Executables
February 26, 2019
Attackers are continuously evolving in order to evade detection. A popular method often utilized is...
ESA - Using In Memory tables for WhatsNew
February 26, 2019
These are a collection of ESA rules that create persisted in-memory tables for various different...