Using STIX Patterns to Search Binary Data in ELK

April 3rd, 2019 (last updated 2019-10-31) | Categories: Cyber Threat Intelligence (CTI)

In the area of cyber threat intelligence, indicators based on deep understanding of compiled executables usually take a back seat to data artifacts such as log messages, configurations, file hashes, or network flow data. Binary patterns can be an incredibly useful tool to identify threats in executables and other [...]