Threat Intelligence Report- IOCs Weekly

These reports outline various IOCs detected by my honeypots and provide a snapshot of attacker trends. While these IOCs will be stale by the time you review them, they will provide historical context and opportunities for analysis.  Attacker Location: Connection By Country(20): 07_15_2020-IOC-COUNTRY.csv Top attacking countries are China (23.12%) Ireland (15.26%), United States(7.84%), Russia (7.84%), … Continue reading "Threat Intelligence Report- IOCs Weekly"

Read More

Security Onion & Splunk: Alert Analysis Workflow/Examples

Security Onion & Splunk is setup successfully, everything is ingesting and properly alerting but now what? That largely depends on your individual situation, but I can assume you’ll see some alerts and need to do an investigation.  So this article will address how to use Security Onion & Splunk to perform an investigation on your … Continue reading "Security Onion & Splunk: Alert Analysis Workflow/Examples"

Read More