Automation

TheHive + Cortex automated build with Vagrant

By Adrian in thehive_misp_cortex

January 17, 2020

I’ve blogged quite a bit about TheHive and Cortex to date, so much so that the wonderful people over at TheHive-project have added this blog onto the Blogs & Articles section of TheHive’s curated Awesome List. Its seems The more I write, the more I realise how much more there is to write about this stacks ability and feature set. Throughout the course of the last year, I wrote a 12 part series about standing up TheHive, MISP and Cortex detailing my experiences in how to install, integrate and upgrade each of them.

Continue reading

Node-RED Secure Installation

By Adrian in Projects

December 10, 2019

Node-RED has traditionally been used for tapping into hardware devices and API endpoints to construct workflows in a drag and drop interface. It is quite extensible given you can add your own code and data manipulations. I’ve seen Node-RED used to connect into power metering hardware which cleans up the data feed, customises the output to multiple destinations (in this case Splunk and an output file). A quick YouTube search shows there are many possible home automations with Node-RED.

Continue reading

Making Thehive Soar With Microsoft Power Automate and Cortex

By Adrian in thehive_misp_cortex

December 5, 2019

Security Orchestration and Automated Response (SOAR), its the natural evolution of where security teams are heading, and as our numbers in this space seems to never be enough, we look to SOAR tools to automate to free up our time to so we can spend it doing more productive things, like drinking coffee and threat hunting. Automation brings standard and repeatable processes which could just buy us that breathing space.

Continue reading

Adding analysers to Cortex

By Adrian in Projects

September 24, 2019

This is part 5 of the Cortex build. In this part I’ll add, configure and test out an analysers. Links to the previous articles are here: Part I - Building TheHive Part II - Setup reverse proxy for TheHive Part III - Building MISP Part IV - Building Cortex Part V - Adding analyzers to Cortex Part VI - Setup reverse proxy for Cortex Part VII - Integrate TheHive and Cortex

Continue reading

Building Cortex

By Adrian in Projects

September 22, 2019

This is part 4 of TheHive/Cortex/MISP build. In this part were standing up Cortex. Links to the previous articles are here: Part I - Building TheHive Part II - Setup reverse proxy for TheHive Part III - Building MISP Part IV - Building Cortex Part V - Adding analyzers to Cortex Part VI - Setup reverse proxy for Cortex Part VII - Integrate TheHive and Cortex Part VIII - Integrate MISP to TheHive

Continue reading

Search

Tags