
Thursday, August 12, 2010

ArcOSI - ArcSight Open Source Intelligence

Just in time for the ArcSight annual users conference, I will be presenting on integrating Open Source Intelligence in ESM, and I have updated the original malwarefeed.py script with a version which can pull from multiple configurable sources!

If you want to give it a spin in your own environment now, download the Python script version below and start streaming thousands of known malicious IPs right into ESM via CEF syslog.

http://code.google.com/p/arcosi/

usage: ./arcosi.py 127.0.0.1
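
The feed-to-CEF path described above can be sketched as follows. This is an added example, not the arcosi.py code: the vendor and product strings, the choice of the `src`, `cs1` and `request` fields, the internal-range filter and the sample feed are all assumptions made for illustration.

```python
import ipaddress
import re
import socket

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Internal ranges must never be reported as malicious (assumed policy).
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def extract_ips(feed_text):
    """Unique, valid, non-internal IPv4 addresses from a feed, in first-seen order."""
    seen, out = set(), []
    for line in feed_text.splitlines():
        for cand in IPV4_RE.findall(line.split("#", 1)[0]):  # ignore comments
            try:
                ip = ipaddress.IPv4Address(cand)
            except ValueError:            # octet out of range, e.g. 999.1.1.1
                continue
            if cand in seen or any(ip in net for net in INTERNAL):
                continue
            seen.add(cand)
            out.append(cand)
    return out

def _hdr(v):   # CEF header fields: escape backslash and pipe
    return str(v).replace("\\", "\\\\").replace("|", "\\|")
def _ext(v):   # CEF extension values: escape backslash and equals, no newlines
    return str(v).replace("\\", "\\\\").replace("=", "\\=").replace("\n", " ")

def to_cef(ip, feed_name, feed_url):
    """One CEF:0 event per indicator; vendor/product/field choices are assumptions."""
    header = "|".join(["CEF:0"] + [_hdr(f) for f in (
        "ExampleOSINT", "feed-relay", "1.0", "osint:ip",
        "Known malicious IP (%s)" % feed_name, "5")])
    ext = "src=%s cs1Label=Feed cs1=%s request=%s" % (ip, _ext(feed_name), _ext(feed_url))
    return header + "|" + ext

def send(events, host, port=514):
    """Send each event as a UDP syslog datagram; PRI 134 = facility local0, severity info."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        for e in events:
            s.sendto(("<134>" + e).encode("utf-8"), (host, port))

SAMPLE_FEED = """# constructed sample feed, documentation addresses only
203.0.113.7
198.51.100.23  # c2 panel
203.0.113.7
10.0.0.5
999.1.1.1
"""
```

Calling `send([to_cef(ip, name, url) for ip in extract_ips(text)], "127.0.0.1")` forwards the events to a syslog listener on the local host, matching the usage line above.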