Improving the threat intelligence process in Splunk with RST Cloud
The app that allows users to seamlessly integrate threat intelligence feeds into Splunk and mitigate common issues such as lack of context and manual processes
One of the challenging things in IoC aggregation is matching all IoCs connected to one specific threat with each other, because TI experts use different synonyms for the same malware. Read about the algorithm used by the RST engine here: https://medium.com/@rst_cloud/8-steps-to-normalise-naming-of-cyber-threats-and-related-entities-817730361217
Your network perimeter protection solution will be able to recognise risky connections or downloads and either detect or prevent them if it has the most recent information about malicious resources. Where does an NGFW get information about up-to-date malware and its indicators of compromise (IoC)? Most of the time, they come as part of periodical …