ESS Notifier – Improving SOC Capabilities and Response

Introduction ESS Notifier is a notable security event scanner & notifier for Splunk Enterprise Security. The purpose of this tool is to send/push notifications via Email/Slack/REST API whenever a new security notable event is triggered on Splunk ESS. This tool is ideally best used by Managed Security Service Providers (MSSP) who provide SOC as a… Continue reading →

Hunting 0days with YARA Rules

Introduction YARA rules are used at (but not limited to) by malware researchers to identify and classify malware samples. With YARA, you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression that… Continue reading →

C99.sh

. . . Security Focus . . .

Date Archives → July 2021

ESS Notifier – Improving SOC Capabilities and Response

Hunting 0days with YARA Rules