[SANS ISC Diary] IOC’s: Risks of False Positive Alerts Flood Ahead

I published the following diary on isc.sans.org: “IOC’s: Risks of False Positive Alerts Flood Ahead“.

Yesterday, I wrote a blog post which explained how to interconnect a Cuckoo sandbox and the MISP sharing platform. MISP has a nice REST API that allows you to extract useful IOC’s in different formats. One of them is the Suricata / Snort format. Example… [Read more]

[The post [SANS ISC Diary] IOC’s: Risks of False Positive Alerts Flood Ahead has been first published on /dev/random]

from Xavier

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s