Building Your Own Blue Team Lab
Introduction: Every blue team member should spend some time investing in building their own lab setup. It can be a great and fun learning experience, where you pick up some "low hanging fruit" skills....
Enriching ElasticSearch With Threat Data – Intro
Since my last blog post back in January, I have been seriously distracted! I promised blog posts relating to my lab but have not had the time…. But to keep you guys going until then… I am going to...
Enriching ElasticSearch With Threat Data – Part 1 – MISP
There are a lot of great blog posts and reads available on the MISP platform, so I don't want to do it an injustice by writing a huge intro here… I have a plan to write a more in-depth blog post about...
Enriching ElasticSearch With Threat Data – Part 2 – Memcached and Python
In our previous post we covered MISP and some of the preparation work needed to integrate MISP and ElasticSearch. With MISP now set up and prepped, we can focus on Python and Memcached. Part 1:-...
Enriching ElasticSearch With Threat Data – Part 3 – Logstash
In our previous post in this series, we prepared MISP and its API and memcached, and created the Python script needed to pull data from MISP and push it into our memcached instance. In this next...
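The teasers above describe one pipeline: a Python script pulls attributes from MISP's REST API, writes them into memcached, and Logstash then looks each event's fields up in memcached to enrich them before they reach ElasticSearch. The block below is an added illustration of the MISP-to-memcached step, not the blog series' own script. It assumes the JSON shape of MISP's `/attributes/restSearch` response (a constructed sample is embedded), a key scheme of `misp:<type>:<value>` that I chose for this example, and a client with pymemcache-style `set()`/`get()` methods; a dict-backed stand-in replaces a real memcached server so it runs offline.

```python
"""Push MISP attributes into memcached for Logstash lookups.

Hypothetical helper written for this note; not the blog's own script.
Assumptions: MISP /attributes/restSearch JSON shape (constructed sample
below), a memcached key scheme of "misp:<type>:<value>", and a client
exposing set()/get() like pymemcache. A dict-backed stand-in replaces a
real memcached server so the code runs offline.
"""
import json
from typing import Dict, Optional

# Constructed sample mimicking MISP's /attributes/restSearch response.
SAMPLE_MISP_RESPONSE = {
    "response": {
        "Attribute": [
            {"id": "1", "event_id": "10", "type": "ip-dst", "value": "198.51.100.23",
             "category": "Network activity", "to_ids": True,
             "Tag": [{"name": "tlp:amber"}]},
            {"id": "2", "event_id": "10", "type": "domain", "value": "Bad.Example.NET",
             "category": "Network activity", "to_ids": True,
             "Tag": [{"name": "tlp:amber"}, {"name": "malware:loader"}]},
            {"id": "3", "event_id": "11", "type": "comment", "value": "analyst note",
             "category": "Other", "to_ids": False, "Tag": []},
            {"id": "4", "event_id": "12", "type": "ip-dst", "value": "198.51.100.23",
             "category": "Network activity", "to_ids": True, "Tag": []},
        ]
    }
}

# Only indicator types worth matching log fields against; free-text types are skipped.
INDICATOR_TYPES = {"ip-src", "ip-dst", "domain", "hostname", "md5", "sha1", "sha256", "url"}


class FakeMemcache:
    """Dict-backed stand-in for a pymemcache-style client (constructed for this example)."""

    def __init__(self) -> None:
        self.store: Dict[str, bytes] = {}

    def set(self, key: str, value: bytes, expire: int = 0) -> bool:
        self.store[key] = value
        return True

    def get(self, key: str) -> Optional[bytes]:
        return self.store.get(key)


def memcache_key(attr_type: str, value: str) -> str:
    """Normalise case and whitespace so the Logstash-side GET matches the stored key."""
    return f"misp:{attr_type}:{value.strip().lower()}"


def attributes_to_entries(response: dict) -> Dict[str, dict]:
    """Collapse MISP attributes into one record per (type, value) indicator.

    The same IOC often appears in several events; merging keeps every event id
    and tag instead of letting the last attribute seen overwrite the others.
    Attributes without to_ids are not meant for detection and are dropped.
    """
    entries: Dict[str, dict] = {}
    for attr in response.get("response", {}).get("Attribute", []):
        if attr.get("type") not in INDICATOR_TYPES or not attr.get("to_ids"):
            continue
        key = memcache_key(attr["type"], attr["value"])
        rec = entries.setdefault(key, {"type": attr["type"], "event_ids": [], "tags": []})
        if attr["event_id"] not in rec["event_ids"]:
            rec["event_ids"].append(attr["event_id"])
        for tag in attr.get("Tag", []):
            if tag["name"] not in rec["tags"]:
                rec["tags"].append(tag["name"])
    return entries


def push_to_memcached(client, response: dict, ttl: int = 3600) -> int:
    """Store each indicator record as JSON with a TTL so stale IOCs age out."""
    entries = attributes_to_entries(response)
    for key, rec in entries.items():
        client.set(key, json.dumps(rec, sort_keys=True).encode(), expire=ttl)
    return len(entries)


def lookup(client, attr_type: str, value: str) -> Optional[dict]:
    """The per-event check Logstash performs: one GET for a field, decoded if present."""
    raw = client.get(memcache_key(attr_type, value))
    return json.loads(raw) if raw else None


if __name__ == "__main__":
    mc = FakeMemcache()
    print(push_to_memcached(mc, SAMPLE_MISP_RESPONSE), "indicators cached")
    print(lookup(mc, "domain", "bad.example.net"))
    print(lookup(mc, "ip-dst", "203.0.113.9"))
```

Swapping `FakeMemcache` for a real pymemcache client is the only change needed to run against a memcached server; the key layout is an assumption of this example and would have to match whatever key expression the Logstash side uses to look events up. Filtering on `to_ids` and merging duplicate indicators are the two details most likely to be missed in a first version of such a script, and both change what an analyst sees on an enriched event.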