I am an independent security analyst providing cyber threat intelligence and network traffic associated with malware infections. I am located in the Albany, New York area.
All domains and URLs listed on this website should be considered as dangerous and could cause damage to your computer. We do not provide clickable active hyperlinks to these sites.

Use this website at your own risk!

Open Source project for finding the Threats on Proxy or Web Server Logs with Emerging Threats Open rules

It's a production ready version, all feedback is welcome.

Our hands-on method teaches you all the skills you need to become a data scientist or data analyst.

Learn by writing code, working with data, and building projects in your browser.

IBM® QRadar® Security Intelligence Platform provides a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, incident forensics, incident response, and configuration and vulnerability management.

Web property of Monterey Technology Group, Inc. devoted to spreading knowledge and understanding of Windows Security, IT Audit and Compliance with exclusive content from Randy Franklin Smith.

NWmodule.py

nwmodule.py is a python module I wrote that interfaces with the Netwitness REST API. All Maltego transforms are dependent on this module and functions within it. It must ne within the directory that contains the Maltego transforms.

This space contains information about the RSA Content program for the RSA NetWitness Suite. It contains information on Rules, Reports, procedures, and meta related to content that is available on Live. The information in this space applies to all versions of Security Analytics (unless noted otherwise).

RSA NetWitness ESA Correlation Rules / Alerts available by default on the plateform

RSA Content for the RSA NetWitness Suite: Documents; Procedures; Guides.
For RSA Security Analytics 10.6.2

RSA Content for the RSA NetWitness Suite: Documents; Procedures; Guides

Ransomware Tracker tracks and monitors the status of domain names, IP addresses and URLs that are associated with Ransomware, such as Botnet C&C servers, distribution sites and payment sites.
Ransomware Tracker provides a short guideline for both home users and enterprises on how to avoid becoming a victim of Ransomware.
Ransomware Tracker offers various blocklists. These blocklists allows enterprises to block malicious traffic towards known Ransomware infrastructure at the network edge, e.g. by blocking them on the corporate firewall, web proxy or in the local DNS server.

Scénarios et règles de détection disponibles de base sur RSA Netwitness.

Our mission is to be the place to go for collaboration and best practices among customers, partners, and industry experts. We built this resource with your needs in mind, and we hope you return often, contribute, provide feedback, and share your thoughts with us. We are listening.

Our mission is to be the place to go for collaboration and best practices among customers, partners, and industry experts. We built this resource with your needs in mind, and we hope you return often, contribute, provide feedback, and share your thoughts with us. We are listening.

If you need to convert files from one markup format into another, pandoc is your swiss-army knife.

If you are looking for official 10.6 documentation published by the RSA NetWitness Information Design and Development team -- user guides, release notes, installation instructions -- you are in the right place.

List all 10.6 user documentation (HTML and PDF): open the RSA Security Analytics 10.6 Table of Contents
List all documents in PDF format: click the PDFs category
List all guides in HTML format: click the Table of Contents category
List release documents--release notes, installation guides, and update instructions: click the Installation & Upgrade category
View translated 10.6 guides in PDF format: click French, Spanish, Japanese, or German

The following guides are the complete library for Security Analytics host and service configuration. Included are end-to-end initial setup and configuration instructions for each Security Analytics host and service, reference materials, and a database tuning guide. A suggested starting point is the Host and Service Getting Starting Guide.

This guides tells you:

What you need to apply STIG Hardening to Security Analytics.
How to configure STIG Hardening.
What the OpenSCAP report is and how you generate it.
What  exceptions were discovered in 10.6 and why they occurred.