Configuring Suricata IDS to alert on Malicious Files Hashes

Continuing our previous posts on why and how to alert on Indicators of Compromise with Suricata IDS using the Dataset feature, this post describes how to alert on malicious files observed on the network. For that, we will use a list of malware hashes obtained from the abuse.ch ThreatFox API. But first, […]
