RSA Netwitness - Use Cases October 26, 2016 Category Sub Category #Use Case Log Source #RSA Supported #Business Use Cases ...
Investigation Bootcamp October 21, 2016 Hi Folks, I recently recorded a few brief videos explaining the Investigation module of...
LUA - Common Event Format (CEF) Script Template October 19, 2016 The CEF helper script attempts to fill the gap of CEF extensions that the system parser does not...
[Lua parser] Korean registration number detection. October 18, 2016 I attached a Korean registration number detection Lua parser with its validation logic to help our...
Yara configuration and basic use October 18, 2016 Walking through configuration and use of yara in NetWitness Endpoint 4.2 and later.
Integrating a MySQL (community) database with NetWitness for Logs October 18, 2016 Preface Enabling MySQL collection Testing MySQL collection Preface This blog post should help...
Adding external intelligence to NetWitness for Logs and Packets October 18, 2016 Preface Downloading and pre-processing external content Creating a custom feed Preface This blog...
[Netwitness-MA] SMB sharing with Checkpoint TE Sandbox October 17, 2016 Recently, I started a new SA4P project with Checkpoint TE (Sandbox) and need to provide MA analysis...
RSA FirstWatch: Mirai and all things IoT October 13, 2016 Over a year ago, RSA front man Amit Yoran likened “stumbling around in the dark as a pretty good...
Everything is PossiEPL October 12, 2016 Event Processing Language is utilised within the NetWitness Event Stream Analysis (ESA) component....