Threat Hunt Catalog: Bringing Sigma Detections to Life
A threat hunting platform that turns Sigma detection rules into actionable OpenSearch queries, letting security analysts go from 'I need to hunt for threats' to 'Here are the results'.
This article demonstrates how IT professionals and analysts can swiftly identify and assess incidents indicating that an asset has been compromised by DarkCrystal RAT using Bellatrix Dashboard, an intuitive dashboard designed for IT professionals and analysts.
Developed by Secureworks, Dalton provides an intuitive web-based interface to configure and run IDS engines with user-provided packet captures, rulesets (pre-defined or custom), and configuration files.
Machine learning algorithms can be trained to recognize patterns in the data and make accurate predictions about the appropriate mapping of Suricata rules to MITRE ATT&CK tactics and techniques.
The security team could create synthetic log events that mimic the behavior of the attacker. By specifying the parameters and conditions of the log generation, the security team could create log events in a consistent and reproducible way.
In this article, I will explain how to send alerts from OpenSearch Dashboard to a Telegram messenger bot. OpenSearch Dashboard itself is a fork of Kibana.