Threat Feeds, IOCs and other Patterns

Pretty soon, you find yourself back, staring at this "snort signatures" pattern problem. A small, elegant mathematical formula representing something your sensors should be detecting. All it's missing is a little normalization and a bit of an ever-evolving data model behind it, representing the current state of the Internet…

Deploying Threat Intelligence Platforms- in 10min or less.

If you run an open-source project, you have no time to spend on testing deployments, so you AUTOMATE ALL THE THINGS, from testing to install, across as many platforms as you possibly can. Because if you give folks documentation, they will not read it, but if you give them an easybutton, they'll BASH THE HELL OUT OF IT. What you quickly figure out is how many different ways they'll then want to bend, tweak and scale out your application. This leads to more questions, more answers, more time (did I mention you're not really making any money from this? It's all goodwill... you learn a lot, but you also lose a lot of time with your family... depending on your situation, maybe good, maybe bad).