Extracting Event Time from Logs January 24, 2017 Last Updated: 12:41 February 27th 2017 Latest Version: 17 I had a customer who wishes to extract...
RSA NetWitness Suite Customer Summit January 18, 2017 Please join us for the RSA NetWitness Suite Customer Summit at the RSA Conference 2017 in San...
Context Menu - VirusTotal Hash Lookup January 16, 2017 Let's say you have NetWitness packet capture and you are at the point where you have located a...
LUA Parser to deal with Alternative Syslog formats January 13, 2017 I have a customer who uses something called a "Data Diode" to enforce one way connectivity through...
Content Update January 13, 2017 Hopefully everybody had a great holiday season! I know we did, and we've been getting some new...
Candygram for Mongo?? January 10, 2017 Over the last several weeks, the security community has bitten their collective tongues as they watch...
Collection of 2017 Security Predictions January 10, 2017 This is a collection of 2017 security predictions made by various organizations. I have put them under...
How to upload a .feed file with NwConsole January 9, 2017 Some threat data vendors provide a compiled .feed file as a potential output for use with RSA...
ESA - Intrusion Detection with Windows Event Logs January 6, 2017 This is an attempt to implement a research paper that I found via a Twitter post some time in mid...
Context Menu - Investigate IP from DNS January 3, 2017 This context menu allows a right click pivot from DNS traffic (alias.ip) to any equivalent HTTP...