How to filter zeek logs:
cat conn.log | zeek-cut <columns> | column -t | less -S
(column and less display the columns aligned and readable)
In #Proxmox we were not successful in adjusting the settings of the virtio interfaces, even on the command line of the host.
Is it possible that a deployment of #Suricata in Proxmox #VMs requires a different NIC driver, e.g., E1000?
That would be a real problem, since the throughput seems to be way smaller than with virtio.
@suricata
Security Onion 2.4.70 now available including our new Detections interface and much more!
Tune your: #NIDS rules for #Suricata
#Sigma rules for #ElastAlert
#YARA rules for #Strelka
Take your #DetectionEngineering game to a new level!
https://blog.securityonion.net/2024/05/security-onion-2470-now-available.html
Build a Network Intrusion Detection System for free using #Snort. A simple guide for Linux and macOS users. #NIDS #DFIR
https://gist.github.com/lukeswitz/08ea69ad6047c5f0bd2388476b2fd189
Using Zeek’s new JavaScript support for MISP integration.
With Zeek 6.0, experimental JavaScript support was added to Zeek, making Node.js and its vast ecosystem available to Zeek script developers to more easily integrate with external systems.
https://www.misp-project.org/2024/01/03/Zeek_JavaScript_MISP_Integration.html/
#zeek #misp #nids #threatintelligence #threatintel #opensource #infosec
RT @USGS_WGSC: WGSC’s Laura Norman is featured in a recent @popsci article on how natural infrastructure in dryland streams (#NIDS) can improve landscape #resilience to #ClimateChange in the American Southwest:
https://t.co/0MvyK9KM1h
Matthias Wübbeling explains various sources of threat intelligence and how to use the information to improve your organization's security https://www.fosslife.org/understanding-threat-intelligence-infrastructure-security #security #tools #infrastructure #networking #SystemAdministration #firewall #NIDS #HIDS
NIDS: East Asian Strategic Review 2022
Japanese analysts view the question of security in East Asia very broadly, so the report discusses not only the involvement of individual states in Afghanistan but also Israeli-Arab interactions.
https://wp.me/p3fv0T-ePt #Azja #Pacyfik #Japonia #USA #Chiny #ChRL #bezpieczeństwo #raport #NIDS #książka
Threat Intelligence: Matthias Wübbeling explains how to deal with threat intelligence on the corporate network when existing security tools are not effective https://www.admin-magazine.com/Archive/2022/71/Diving-into-infrastructure-security #security #ThreatIntelligence #network #infrastructure #trackers #firewall #NIDS #antivirus
My first whole car-design.
Hive Fleet Stockholm
(a friend who drives trains there asked me for this)
Announcing Matano + Suricata!
Suricata is a popular open source NIDS/NIPS engine used for network analysis and threat detection.
We just shipped out a new integration that allows you to easily push Suricata logs & alerts into a Matano Security Lake in your AWS account for realtime detection-as-code with Python and analysis using AWS Athena + SQL!
Interested in how to build your own Security Data Lake using Suricata logs?
Check out our blog post: https://www.matano.dev/blog/2023/01/12/suricata-support
Include threat information from @misp in @zeek network visibility #cti #nids #networksecurity https://www.vanimpe.eu/2023/01/12/include-threat-information-from-misp-in-zeek-network-visibility/
So let's begin with a little documenting journey around here.
I started out with #wh40k and the #tyranids since I really am into insects and the #grimmdarkfuture. Anyhow, the #nids themselves were not #insectoide enough for my taste. So I quite instantly started #kitbashing and used my skills with #3dprinting. I even am sculpting some in my 3D software myself. But later on you will see more of that and my #onepagerules journey.
What do you think about nids? Not insect enough? Too much bug?