New DSL for security

Hello, thought I'd share a new DSL by Endgame for querying security logs: https://www.endgame.com/blog/technical-blog/introducing-event-query-language It is meant to help reason about security events. Best illustrated in this example:

What files were created by non-system users, first ran as a non-system process, and later ran as a system-level process within an hour?

I think that there is a lot of improvement that can be had in languages that help reason about (time) series and it's a welcome addition to the DSL family.

By True Konrads at 2018-06-05 23:31 | LtU Forum
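The question quoted in the post, worked as a time-ordered state machine over constructed events in Python. This is an added example, not Endgame's EQL and not code from the post; the event field names, the `SYSTEM_USERS` set, and the reading of "within an hour" as measured from file creation are assumptions.

```python
from datetime import datetime

SYSTEM_USERS = {"SYSTEM", "root"}  # assumption: accounts treated as system-level

def ev(ts, kind, user, path):
    # Helper for building constructed sample events (hypothetical schema).
    return {"ts": datetime.fromisoformat("2018-06-05T" + ts),
            "type": kind, "user": user, "path": path}

# Constructed sample events (not real logs).
EVENTS = [
    ev("10:00:00", "file_create", "alice", "/tmp/a.bin"),
    ev("10:00:30", "file_create", "bob", "/tmp/b.bin"),
    ev("10:01:00", "file_create", "carol", "/tmp/c.bin"),
    ev("10:02:00", "file_create", "root", "/tmp/d.bin"),
    ev("10:05:00", "process_start", "alice", "/tmp/a.bin"),
    ev("10:06:00", "process_start", "root", "/tmp/c.bin"),  # first run already system-level
    ev("10:07:00", "process_start", "dave", "/tmp/d.bin"),  # file was created by a system user
    ev("10:10:00", "process_start", "bob", "/tmp/b.bin"),
    ev("10:20:00", "process_start", "carol", "/tmp/c.bin"),
    ev("10:40:00", "process_start", "root", "/tmp/a.bin"),  # completes the sequence in 40 min
    ev("10:45:00", "process_start", "root", "/tmp/c.bin"),
    ev("11:30:00", "process_start", "root", "/tmp/b.bin"),  # ~90 min after creation: too late
]

def find_escalations(events, window_s=3600):
    """Return (path, seconds_since_creation) for each file that was created by a
    non-system user, first ran as non-system, then ran as system within window_s."""
    state, hits = {}, []  # state: path -> (stage, created_at)
    for e in sorted(events, key=lambda x: x["ts"]):
        path, is_system = e["path"], e["user"] in SYSTEM_USERS
        if e["type"] == "file_create":
            if not is_system:
                state[path] = (1, e["ts"])   # stage 1: created by a non-system user
            continue
        if e["type"] != "process_start" or path not in state:
            continue
        stage, created = state[path]
        elapsed = (e["ts"] - created).total_seconds()
        if elapsed > window_s:
            del state[path]                  # window expired, stop tracking
        elif stage == 1:
            if is_system:
                del state[path]              # first run was system-level: not a match
            else:
                state[path] = (2, created)   # stage 2: first ran as non-system
        elif is_system:
            hits.append((path, elapsed))     # stage 2 followed by a system-level run
            del state[path]
    return hits
```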