Where's your PayPal button?

Where's your PayPal button?

Who knows- maybe with your ear close to the ground, you'll hear a more lucrative opportunity. Maybe you'll then be the next big unicorn… or more likely, create something where you are free to do whatever you want for the rest of your life.. Isn't that the point?

F your formats, just show me the data- part2

F your formats, just show me the data- part2

The real problem we're trying to solve here is context. We're lifting a bunch of "tokens", that usually have more than 3 characters, surrounding them with context and applying a probability value to them. All this with the express purpose of taking the high value indicators and applying them to our defenses in real-time. Not trivial, but not hard either. I'm not an SKLearn or NLTK expert- but I do know what it feels like to block accidentally netflix.com at the border….

Threat Feeds, IOCs and other Patterns

Threat Feeds, IOCs and other Patterns

Pretty soon, you find yourself back, staring at this "snort signatures" pattern problem. A small, elegant mathematical formula representing something your sensors should be detecting. All it's missing is a little normalization and a bit of an ever evolving data model behind it, representing the current state of the Internet…

Deploying Threat Intel Platforms, From GitHub.

Deploying Threat Intel Platforms, From GitHub.

The problem wasn't trying to manage and automate the code deployment, as much as it became managing the playbooks that deployed the application(s). We could have kept those playbooks in with the core code, but that's more over-head in the repo and more people touching the core code that didn't need to....