Activity
Mon
Wed
Fri
Sun
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
Jan
Feb
Mar
Apr
What is this?
Less
More
Memberships
TRYBE
12 members • Free
ECA Cyber Range
39 members • $97/month
24 contributions to ECA Cyber Range
4d •
Internship Application
For those that want to be apart of the Cyber Range Internship program tier I am dropping the PDF with all the information here. The application link will be inside of the PDF for you to apply. Since y'all are already members everyone here has the ability to apply right now. Please make sure to read the PDF in its full lol. Let me know if you have any questions at all.
0 likes • 3d
Applied. Very exciting! I asked on LinkedIn, and would just like to confirm: I work 6-3 some days and 2-11 other days. Would we be able to complete the tasks before or after those times? Or will tasks have to be done like 9-5? Also, if accepted, is there anything that should be worked on before June 1 that would help with the program?
6d •
ECA Splunk Security Dashboard Challenge Submittion
Full code and documentation on GitHub: https://github.com/philipzangara/splunk-otx-cti-dashboard LinkedIn: https://www.linkedin.com/posts/philip-zangara_splunk-cybersecurity-threatintelligence-share-7450251695206383616-ffEr/ YouTube walkthrough: https://www.youtube.com/watch?v=auqXgulY5-c A Splunk CTI dashboard that correlates AlienVault OTX threat intelligence against live Sysmon endpoint telemetry; to answer the question is the threat intelligence from the outside world actively hitting my environment right now?
1 like • 5d
@Paul Daigle II Thank you for the feedback. The Severity column was one of the more difficult issues I had doing this. How do you define severity? OTX doesn't have a good way to define it. A couple options I thought of: A. By hit count. More hits = more severe? I tweaked the hit count lower so any hits should have shown as medium or high. However, you can have a hit count of 1 and that 1 might be a ping to a C2 server that only connects every 3 months. Hard to show that quickly on a dashboard. B. Weighted by hit and pulse count. Again, how would this be weighted? C. Remove it. D. Use VirusTotal. I thought about using VirusTotal to check the IPs and Malicious Files, but would add another requirement to set up. For the "OTX Threat Intel - TTPs Active in Your Environment" panel, there was a Severity column and I just removed it for the above reasons. Looking back, I should have just removed the Severity column all together, especially the "OTX Malicious File Hits - Your Environment". Because if, say, mimikatz.exe shows up once, it would show up as a 1, thus a Low. We know of course know that mimikatz.exe is not a Low priority. Thanks again for the feedback!
Mar 17 •
Splunk Security Dashboard Challenge is Live
The Dashboard Challenge is live now! Go to the first classroom module, and all the information you need will be there. We got some awesome prizes this time around, so definitely check them out. There can only be one winner....Only the strong survive in our Cyber Rang,e lol. @Khadijah Watkins @Gabriel Gonzalez @Philip Zangara@April Walker @Oryon Begay @Robert B. @Royal Williams @Kemishe Smalls @April Walker
0 likes • 30d
@Kenneth Ellington Maybe I'm reading too much into this, but are we then doing the Classic Dashboard XML or Dashboard Studio JSON?
Mar 5 •
Thursday Update Session 3/5
We got an Update session with yours truly. We are going to cover some of the items below. 1.) Winner of the Splunk Challenge. 2.) New Challenges for this Spring and Summer 3.) Internship program for Cyber Range 4.) Updates for the Splunk ES App 5.) New programs coming online 6.) Referral Program So if you have questions about any of the above defintely tune in! It will also be recorded as well. @Khadijah Watkins @Gabriel Gonzalez @Philip Zangara There will updates specfically for yall as well so I would defintely join.
0 likes • Mar 5
Looking forward to it.
Feb 25 •
Mock Interview/Presentation
For those that want to get some mock interview experience or some presentation practice. Comment below the word practice. Going to create a session for it in about a week or so and I need a head count. There will be some things I will give you ahead of time so your able to prepare for it.
0 likes • Feb 27
Practice.
1-10 of 24
