Recon InfoSec | SecOps (3)

Integrating Thinkst Canaries with TheHive

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

We've been big fans of the Thinkst platform for a while now. We may have mentioned them a time or...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Luke Rusten

The Recon incident response team recently worked an intrusion case involving a ManageEngine Desktop...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Brian Greunke

Staying on-top of the latest adversarial methodologies means quickly adjusting to new TTPs and...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

I tweeted this the other day, and had a lot of folks reach out asking for more details/a diagram of...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

When I joined the OpenSOC team at the beginning of this year, everything resided on 3 Intel Skull...