Feature Spotlight: Host Insight Transformation with IDS Alert Metadata

Roger Wilco Suricata 26 janvier 2022 Affichages : 619

In the previous article of the “Feature Spotlight” series, we discussed how to pivot from IDS alert metadata to signature content.

Today, we will be covering some Host Insight magic. Fasten your seat belt, log in to the Stamus Security Platform, and get ready to uncover new insights from your environment :-)

Note: this content applies exclusively to Stamus Network Detection and Response (Stamus NDR).

Host Insight Transformation with IDS Alert Metadata

One of the capabilities our customers tell us they love is our Host Insights which is unique in the intrusion detection system (IDS) and network detection and response (NDR) markets. In a nutshell, Stamus NDR tracks every host observed on the network in real time. This gives the user a rapid understanding of what HTTP User-Agents, TLS agents, user logins and so on, have been observed on each and every host.

WHAT ARE YOU LOOKING FOR?

Popular Tags

Feature Spotlight: Host Insight Transformation with IDS Alert Metadata

Host Insight Transformation with IDS Alert Metadata

Follow us on

Most popular

New Real-time Network Awareness (RNA) inspector feature added to Snort 3 beta

Snort rule update for Oct. 31, 2019

Snort 2.9.15.1 has been released

Snort rule update for Nov. 7, 2019

Snort rule update for Jan. 9, 2020

Snort rule update for Nov. 19, 2019

Category

Popular Sections

About