Nothing hooks a zombie like a brain on a stick.
Wouldn’t it be cool if your IDS could start hunting automatically, simply by paying attention to your #ops channel?
Just about every single "TIPS" platform I come across solves one problem: getting users into their ecosystem where they can hunt for things in the past. These platforms are designed to FIND breaches; thwarting them seems to be an afterthought, if at all. I can bring vulnerability data and passive DNS data into my view to see that I've been owned. If I figured that out, why can't that logic just go into my network and keep me from getting owned in the first place?