Security Onion
Peel back the layers of your network and make your adversaries cry! Free platform for IDS, NSM, Threat Hunting. Questions: https://t.co/1p7rybj30w
Feb 16, 2023 13 tweets 8 min read
Today's quick #malware analysis with #SecurityOnion: FAKEBAT, REDLINE STEALER, and GOZI/ISFB/URSNIF pcap from 2023-02-03!

Thanks to @malware_traffic for sharing this pcap!

More screenshots:
blog.securityonion.net/2023/02/quick-…

#infosec
#infosecurity
#ThreatHunting
#IncidentResponse

@malware_traffic Let's review some of the data that #SecurityOnion generates from this traffic!

When you import the pcap using so-import-pcap, it will generate a hyperlink that will take you to the Overview dashboard:
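The step above is a manual import of a single pcap. The following script is an added example, not code from the Security Onion project or from this thread: it batch-imports a set of capture files with so-import-pcap and collects the dashboard link the tool prints for each one. It assumes only that so-import-pcap is on PATH and prints an https:// link on success, as the tweet describes; the exact wording of the tool's output and the magic-number check are the script's own additions, and the sample output used in the checks is constructed.

```shell
#!/bin/sh
# Added example (not Security Onion project code): batch-import pcaps with
# so-import-pcap and collect the Overview dashboard link printed for each file.
# Assumption: so-import-pcap is on PATH and prints an https:// link on success.

# Return 0 if the file starts with a pcap or pcapng magic number, 1 otherwise.
# Checking this first avoids handing a renamed archive or an HTML error page
# (a common result of a failed download) to the importer.
is_pcap() {
    magic=$(od -An -tx1 -N4 "$1" 2>/dev/null | tr -d ' \n')
    case "$magic" in
        a1b2c3d4|d4c3b2a1) return 0 ;;   # classic pcap, big/little endian
        a1b23c4d|4d3cb2a1) return 0 ;;   # pcap with nanosecond timestamps
        0a0d0d0a)          return 0 ;;   # pcapng section header block
        *)                 return 1 ;;
    esac
}

# Print the first https:// URL found in the importer's output, or nothing.
extract_overview_url() {
    printf '%s\n' "$1" | grep -o 'https://[^ ]*' | head -n 1
}

# Import one file and print "<file> <url>", or "<file> NO-LINK" if no link
# was found in the output (treat that as a failed import and investigate).
import_one() {
    if ! is_pcap "$1"; then
        printf '%s SKIPPED (not a pcap)\n' "$1"
        return 1
    fi
    out=$(sudo so-import-pcap "$1" 2>&1)
    url=$(extract_overview_url "$out")
    printf '%s %s\n' "$1" "${url:-NO-LINK}"
}

# Usage: ./import-pcaps.sh /path/to/*.pcap
for f in "$@"; do
    import_one "$f"
done
```

Each printed line pairs a capture with the dashboard link for its time range, which is handy when working through a batch of captures from a single incident. Because so-import-pcap scopes the dashboard to the timestamps inside the capture, keep the original file timestamps intact; re-writing a pcap with editcap or similar can shift the window the link opens.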
Oct 17, 2022 8 tweets 10 min read
#SecurityOnion 2.3.180 now available!

Featuring:
#Elastic 8.4.3
#Suricata 6.0.8
#Zeek 5.0.2
✅New and improved #sysmon dashboards!

Thanks to @markrussinovich and team for #sysmon!

Need a #sysmon config? Check out @SwiftOnSecurity's!

Blog post:
blog.securityonion.net/2022/10/securi…

@markrussinovich @SwiftOnSecurity Our updated #Sysmon Overview dashboard gives you a nice overview of all of the different types of #Sysmon data you are collecting.
Aug 19, 2021 17 tweets 13 min read
#SecurityOnion 2.3.70 now available!

blog.securityonion.net/2021/08/securi…

#PeelBackTheLayers
#MakeYourAdversariesCry
#ThreatHunting
#NetworkSecurityMonitoring
#EnterpriseSecurityMonitoring
#LogManagement
#infosec
#DFIR

If you want the quickest and easiest way to try out #SecurityOnion, just follow the screenshots below to install an Import node and then optionally enable the Analyst Workstation. This can be done in a minimal VM with only 4GB RAM!