Event categories are used to group incoming events for processing by IBM® Security QRadar®. The event categories are searchable and help you monitor your network.

Is there a way to test the high-availability (HA) crossover connection?

You can manually map a normalized or raw event to a high-level and low-level category (or QID).

To test your htaccess rewrite rules, simply fill in the url that you're applying the rules to, place the contents of your htaccess on the larger input area and press "Test" button.

This is a file share allowing access to all Sysinternals utilities. We have developed this to test an alternate distribution mechanism for our utilities. This will allow you to run these tools from any computer connected to the Internet without having to navigate to a webpage, download and extract the zip file. If you are unfamiliar with Microsoft Windows Sysinternals, it is highly recommended that you visit the website at http://technet.microsoft.com/sysinternals before using these tools. If you have any questions or comments on this file share, please email syssite@microsoft.com

It is a complicated, arduous, and time-consuming task for even experienced system administrators to know what a reasonable set of security settings is for any operating system. Thus, the FIRST Best Practice Guide Library intends to assist FIRST Team Members and public in general in configuring their systems securely by providing configuration templates and security guidelines.

Also, this initiative aims at recognizing FIRST members' work and promote it outside the FIRST community.

The main purpose of the site is to promote "slightly skeptical" approach to IT, to stimulate critical thinking about system administration and software development as professions. To increase resistance to media brainwashing. Skepticism is generally any questioning attitude towards knowledge, facts, or opinions/beliefs stated as facts, or doubt regarding claims that are taken for granted elsewhere.

Directory with qRadar documentation.

Welcome to the IBM® Security QRadar® product documentation, where you can find information about how to install, maintain, and use these products.

Ldap Admin is a free Windows LDAP client and administration tool for LDAP directory management. This application lets you browse, search, modify, create and delete objects on LDAP server. It also supports more complex operations such as directory copy and move between remote servers and extends the common edit functions to support specific object types (such as groups and accounts).

You can use it to manage Posix groups and accounts, Samba accounts and it even includes support for Postfix MTA. Ldap Admin is free Open Source software distributed under the GNU General Public License.

Cisco Services for IPS protects and enhances the effectiveness of the Cisco Intrusion Prevention System. Supported by the Cisco Global Security Intelligence organization, Cisco Services for IPS delivers continuously updated, comprehensive, and accurate detection technology to identify and block fast-moving and emerging threats.

Continuing TinyNuke Explained - part I, we review the available features of TinyNuke through the control panel, deploy a bot to our client machine, and perform attacks against our client.

In this video we review the setup requirements for installing and deploying TinyNuke.

Various Security Technical Implementation Guides

This blog post looks at the final part of creating secure software: shipping it to users in a safe way. It explains how to use transport security and package signatures to achieve this goal.

The following is an alphabetical list of supported event sources that are available in RSA NetWitness Logs.

Puppet 4.9 consists of:

A puppet-agent “All-in-One” package that installs Puppet, Ruby, Facter, Hiera, and supporting code.
A puppetserver package that installs Puppet Server.
A puppetdb package that installs PuppetDB.

RSA Content for the RSA NetWitness Suite: Documents; Procedures; Guides.
For RSA Security Analytics 10.6.2

RSA Content for the RSA NetWitness Suite: Documents; Procedures; Guides

If you are looking for official 10.6 documentation published by the RSA NetWitness Information Design and Development team -- user guides, release notes, installation instructions -- you are in the right place.

List all 10.6 user documentation (HTML and PDF): open the RSA Security Analytics 10.6 Table of Contents
List all documents in PDF format: click the PDFs category
List all guides in HTML format: click the Table of Contents category
List release documents--release notes, installation guides, and update instructions: click the Installation & Upgrade category
View translated 10.6 guides in PDF format: click French, Spanish, Japanese, or German