WhatDoesKmean @seercle@red.niboe.info

Here's my new article, where I'm sharing the exciting potential of integrating #GoogleBard in #Wazuh 😉
#Wazuh #EDR #GoogleBardAI #AI #CyberSecurity #InfoSec #SOC #BlueTeam #DataIntegration #EventMonitoring #LogMonitoring

https://loggar.hashnode.dev/unleashing-the-power-of-wazuh-uniting-forces-with-google-bard

Here's my new article that discusses how to set up Wazuh to connect with the WhoisXML API through a custom integrator.

#Wazuh #WhoIs #CyberSecurity #BlueTeam #LogManagement #LogEnrichment #SOC #InfoSec

https://loggar.hashnode.dev/knowing-who-is-who-with-wazuh-and-whoisxml-api

Are you looking to supercharge your data collection and analysis process?
Check out my new article on how Sumo Logic Script Actions can help transform and enrich your logs.

#SumoLogic #LogManagement #BlueTeam #CyberSecurity #SOC #InfoSec #DataEnrichment

https://loggar.hashnode.dev/supercharge-your-data-collection-transform-and-enrich-your-logs-with-sumo-logic-script-action

By the end of this article, you will have the knowledge and skills needed to make updates to your Sumo Logic collectors programmatically.

I hope that helps! 😊

#SumoLogic #LogMonitoring #SIEM #CyberSecurity #InfoSec #BlueTeam #SOC

https://loggar.hashnode.dev/updating-a-sumo-logic-collector-using-the-api

Here's my new article about how to implement a simple File Integrity Monitoring for @SumoLogic

Hope it helps! 😉

#cybersecurity #infosec #PCIDSS #compliance #BlueTeam #SOC #SumoLogic #FIM #SIEM

https://loggar.hashnode.dev/an-approach-for-deploying-simple-file-integrity-monitoring-fim-using-sumo-logic

Here's my new article on how to integrate #OpenAI #ChatGPT API within #Wazuh

https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integration

#API #DataIntegration #BlueTeam #SOC #CyberSecurity #InfoSec

Quería tomarme un momento para agradecer a #Wazuh por su generosidad. No puedo esperar para estrenarlos! Es bueno saber que se preocupan por la comunidad, tomándose el tiempo para demostrarlo con grandes gestos como este.
¡Realmente han hecho mi día! 🤗

Mi charla del último SANS DFIR Summit 2022 fue un gran desafío personal y una muy agradable experiencia que espero pueda serle util a la comunidad cyber😊
#Ciberseguridad #InfoSec #ThreatIntelligence #BlueTeam #SOC #CyberSecurity #dataengineering #SANS #DFIR #DFIRSummit

https://youtu.be/Epe3hWqiqnE

Presentando mi nuevo artículo "Integrando Geolocalización IPv6 en Wazuh"
Espero sea de su agrado! 😉

#Wazuh #geolocation #API #cybersecurity #CiberSeguridad #SOC #BlueTeam #DataIntegration #geolocalizacion #InfoSec #SeguridadInformatica #Python #Docker

https://loggar.hashnode.dev/integrando-geolocalizacion-ipv6-en-wazuh

This #JupyterHub image was specially built for my #SANS #DFIR 2022 talk. The repository comes with a Docker image of jupyterhub installed along with a Jupyter notebook example.
#jupyternotebook #docker #dfir #cybersecurity

https://hub.docker.com/r/whatdoeskmean/jupyter4dfir

Did you miss the #SANS #DFIR Summit 2022?

No worries! This is a curated list of links and resources brought to the #DFIRSummit attendees this year (Including mine ☺️)

#CyberSec #InfoSec

https://start.me/p/xbwgd0/sans-dfir-2022

Qualys API - Host List and Asset Management with Python

#python #apis #vulnerability #assets #qualys

https://loggar.hashnode.dev/qualys-api-host-list-and-asset-management-with-python

Are you still struggling to properly format an XML #API response?

The Pandas_read_xml library reads #XML files and retrieves data of all subsequent fields.

This code example will help you to get it.

#Python #Pandas #Data #DataEngineering

Here's my new article about field normalizing with SumoLogic.

#SumoLogic #Logs #EventManagement #LogCorrelation #CyberSecurity #InfoSec #BlueTeam

https://loggar.hashnode.dev/sumo-logic-normalize-logs-with-field-extractions

So, you want to start log ingestion with Sumo Logic? Some points to analyze before sending logs to the platform.

#sumologic #data #dataintegration #logmanagement #cybersecurity #logs

https://loggar.hashnode.dev/some-points-to-analyze-before-sending-logs-to-sumo-logic

FREE Threat Intelligence Feeds
#CyberSecurity #ThreatIntelligence

threatfeeds.io

auditctl controls the status and some basic system parameters of the audit daemon. To define a file system rule, use the following syntax:
auditctl -w path_to_file -p permissions -k key_name
In our case will be:
auditctl -w /usr/bin/python2.7 -p rwa -k python

#Audit #Linux #SOC

Based on my last #SANS #DFIR Summit talk, I'm upgrading an IR Notebook which demonstrates a simple way to analyze and enrich #logs using #Python, Threat Intel #API, Google Sheets, and Google DataStudio dashboard.

#ThreatIntelligence #BlueTeam #InfoSec #CyberSecurity #IncidentResponse #SOC

Pairing #Wazuh with a custom #python integration script to send #API requests to an IPv6 geolocation service and enrich login attempts. With Wazuh you can develop whatever integration script in order to interact with almost any API service 😉

#CyberSecurity #InfoSec #BlueTeam #SOC