We've been big fans of the Thinkst platform for a while now. We may have mentioned them a time or two :) Like many others, we get a lot of mileage out of their Canaries and Canary Tokens. We also love TheHive, as you probably already know. As we've long touted,…
A quick guide on visualizing geographical information about IP addresses using Python…
If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :) We also love TheHive. It makes tracking incidents easy, it's reliable, and it's another well-managed open source project that we support and contribute to. TheHive also integrates with Cortex, which allows us…
Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our pipeline rules in our Graylog environment. Because of this, they are constantly changing, growing, being tuned, and ultimately becoming more effective over time at detecting anomalous activity.…