Printnightmare Detections
With the recent developments of Printnightmare, I'm curious if anyone has worked on detections of exploitation using NetWitness and what data sources would be required for them.
With the recent developments of Printnightmare, I'm curious if anyone has worked on detections of exploitation using NetWitness and what data sources would be required for them.
Hello, I am writing a LUA parser at the moment and I need to calculate a MD5 hash. I have the funny feeling that this might be available in the nwll.lua library, but I'm unable to find a description of which functions are available in this library. D...
We just upgraded from 11.5.3.2 to 11.6.1.0. We enabled the Legacy Navigate view ( /investigation/navigate ) but non of our analysts were able to use it. They received a blue error message: Forbidden. You cannot access the requested page. /var/netwitn...
Good morning everyone, I hope you all are well!I would like to clear a question, is it possible to integrate Vmware Horizon 7 VDI to send logs to RSA Netwitness?Or would it be the same procedure for configuring logs from VMware ESXI?
Dear Community, I'm trying to write an ESA rule to trigger when the customer gets 10 error 500 and 10 error 400 for a Web Service in 5 minutes.the thing here is, the customer wants the rule to trigger the alert regardless of how the events arrives, f...