Using Snort IDS Rules with NetWitness PacketDecoder, (Sat, Feb 26th)

published on 2022-02-26 17:53:31 UTC by
Content:
NetWitness has the ability to load Snort rules on its PacketDecoder to detect and alert on suspicious activity. Since it is practical to be able to see the signature makeup and what it is looking for, I created a script that parses the Snort rule tarball into a single file (list.rules), which can be pushed and loaded in all the PacketDecoders. The scripts also parse each signature into a single HTML file that can be queried to review the signature to understand what the alert is matching.
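A sketch of the kind of processing described above, as an added example and not the diary author's script: it merges the enabled rules from a Snort rule tarball into one list.rules text and renders one HTML page per signature. The function names, the first-sid-wins policy and the sample rules (sids in the local 1000000+ range) are assumptions made for illustration.

```python
import html
import io
import re
import tarfile

SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")
MSG_RE = re.compile(r'\bmsg\s*:\s*"((?:[^"\\]|\\.)*)"')
ACTIONS = ("alert ", "log ", "pass ", "drop ", "reject ", "sdrop ")

def iter_rules(tar_bytes):
    """Yield (sid, msg, rule) for each enabled rule in the tarball's *.rules files."""
    # Members are read in memory, never extracted, so member paths are never trusted.
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar:
            if not (member.isfile() and member.name.endswith(".rules")):
                continue
            text = tar.extractfile(member).read().decode("utf-8", "replace")
            text = re.sub(r"\\\r?\n\s*", "", text)  # join backslash-continued rules
            for line in map(str.strip, text.splitlines()):
                sid, msg = SID_RE.search(line), MSG_RE.search(line)
                if line.startswith(ACTIONS) and sid:  # skips comments and disabled rules
                    yield int(sid.group(1)), msg.group(1) if msg else "", line

def build(tar_bytes):
    """Return (list.rules text, {filename: HTML page}), keeping one rule per sid."""
    rules = {}
    for sid, msg, rule in iter_rules(tar_bytes):
        rules.setdefault(sid, (msg, rule))  # first occurrence of a sid wins
    merged = "".join(rules[sid][1] + "\n" for sid in sorted(rules))
    # Escape rule text: msg/content options routinely contain markup characters.
    pages = {f"{s}.html": f"<h1>{s} {html.escape(m)}</h1><pre>{html.escape(r)}</pre>"
             for s, (m, r) in rules.items()}
    return merged, pages

def sample_tarball():
    """Constructed input: two rule files, one disabled rule, one duplicate sid."""
    files = {
        "rules/local-a.rules": '# alert tcp any any -> any 80 (msg:"off"; sid:1000001;)\n'
                               'alert tcp any any -> any 80 (msg:"Example <b> tag"; \\\n'
                               '    content:"<b>"; sid:1000002; rev:1;)\n',
        "rules/local-b.rules": 'alert udp any any -> any 53 (msg:"Example DNS"; sid:1000003;)\n'
                               'alert tcp any any -> any 80 (msg:"dup"; sid:1000002; rev:2;)\n',
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, body in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(body.encode())
            tar.addfile(info, io.BytesIO(body.encode()))
    return buf.getvalue()
```

Calling `build()` on the bytes of a real rule tarball returns the merged text to write out as list.rules and the per-signature pages to write to a review directory.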
https://isc.sans.edu/diary/rss/28382   
Published: 2022 02 26 17:53:31
Received: 2022 02 26 19:02:40
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities