Published in Nerd For Tech: Why you are probably pricing your security solution all wrong (Mar 16, 2021). Especially during my time at Gartner as an analyst, I heard many preposterous claims about TAMs and IT security budgets and associated…

Published in Brim Security: Visualizing Network Cyber Attacks with Suricata and Zeek using Brim and NetworkX (Feb 24, 2021). Gaining meaningful insights out of security data.

Published in Brim Security: Analyzing Qakbot using Brim's No-code threat hunting (Jan 14, 2021). Qakbot is the newest guise of Qbot, a banking trojan that was first detected in the wild in 2009. Originally focused on the theft of…

Published in Brim Security: What's new in Brim v0.22.0? (Jan 12, 2021). Brim is a full nano network intrusion detection and threat hunting platform, and best of all, it's open source. There is no need to…

Published in Brim Security: What's better than Brim and Zeek? Brim, Zeek and Suricata! (Dec 22, 2020). We are really excited to announce that we have extended our pcap post-capture analysis engine in Brim with Suricata. In addition to Brim…

Published in Brim Security: Visualizing IP Traffic with Brim, Zeek and NetworkX (Dec 1, 2020). Network graphs and threat hunting.

Published in Brim Security: Hunting Emotet with Brim and Zeek (Nov 5, 2020). The US Cybersecurity and Infrastructure Security Agency recently released an advisory warning of a resurgence of the Emotet malware.

Published in Brim Security: Investigating Network traffic activity using Brim and Zeek (Oct 9, 2020). In the last article, I shared my favourite Brim ZQL queries to begin a threat hunting investigation in Zeek data. We covered pretty…

Published in Brim Security: Five Elegant Brim Queries to Threat Hunt in Zeek Logs and Packet Captures (Sep 23, 2020). Threat hunting is challenging — there's an adversary trying to hide after all — so any tool that can speed up your Time to Insight should…