Concerned About Your Business Cyber Security?

(877) 321--7374

Hunting for Suspicious Processes with OSSEC, (Thu, Sep 20th)

Here is a quick example of how OSSEC[1] can be helpful to perform threat hunting. OSSEC  is a free security monitoring tool/log management platform which has many features related to detecting malicious activity on a live system like the rootkit detection or syscheck modules. Here is an example of rules that can be deployed to track malicious processes running on a host (it can be seen as an extension of the existing rootkit detection features). What do I mean by malicious processes? Think about crypto miners. They are plenty of suspicious processes that can be extracted from malicious scripts (see my previous diary[2] about this topic). 

Ready For ASuperheroI.T. Solution?

Real Time Web Analytics