Every few months, StrangeBee puts out an update to TheHive (Security Incident Response Platform). This month they have added Elasticsearch as an index engine to alleviate issues with using Cassandra,…
Deploying (and using) TheHive4 [Part 1]
In this post I will walk through the deployment, configuration and migration of TheHive to TheHive4, and what improvements have been implemented into this release.
Threat hunting with Elasticsearch and Kibana (Part 1)
As part of my final Masters degree research component I have been collecting data from honeypots which I have seeded around the globe. The objective being to distil this data…
Loading Windows Event Logs to Elasticsearch
So whilst playing through an element of Kringlecon 2019 I came across a task which didn't really suit my Christmas challenge of going to Linux full-time. One such challenge involved…