This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.

Reject

NetWitness Community

Home
Products
Community
- Blog
- Discussions
- Events
- Idea Exchange
Support
Training
Technology Partners
Trust Center

cancel

Turn on suggestions

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Showing results for

Search instead for

Did you mean:

NetWitness Community Blog

Subscribe to the official NetWitness Community blog for information about new product features, industry insights, best practices, and more.

cancel

Turn on suggestions

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Showing results for

Search instead for

Did you mean:

Announcement Banner

Users are unable to open Netwitness Support Cases via email. Please open support cases via portal or by phone

View Details

NetWitness Community
Blog
Investigators Custom Actions How to and Examples

Investigators Custom Actions How to and Examples

MichaelDaly

Beginner

Options

Subscribe to RSS Feed
Mark as New
Mark as Read
Bookmark
Subscribe
Email to a Friend
Printer Friendly Page
Report Inappropriate Content

‎2012-09-19 04:50 PM

Investigator comes with little known built in functionality called Custom Actions that allow an Analysis to query their favorite third party website and check for malicious content or potentially harmful malware. The document attached is a step by step example on how to quickly enable this functionality and contains many real world examples on the last few pages.

administrator
advanced_threats
analytics
apt
breach
cybercrime
documentum
godaddy
hacked
kneber
Malware
malware_analysis
martuz
NetWitness
netwitness_rules
network_forensics
network_visibility
NW
NWP
obfuscated_traffic
reverse_engineering
risk
RSA NetWitness
RSA NetWitness Platform
rsa_netwitness
Security
security_analytics
trojan
zeus

Preview file

1041 KB

0 Likes

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Latest Articles

Agent Tesla: The Information Stealer
Threat Analysis: Detecting “Follina” (CVE-2022-30190) RCE Vulnerability with Netwitness Endpoint
Introducing NetWitness Vision XDR
Introducing NetWitness Platform XDR v12.0
Atlassian Confluence Zero-day Vulnerability (0-Zero) CVE-2022-26134: What You Need To Know
‘Follina’ CVE-2022-30190 0-Day: What You Need To Know
CVE-2022-1388: BIG-IP iControl REST RCE Vulnerability
Ragnar Locker Ransomware: The Rampage Continues…
Ransomware Email Attacks: Beware of BazarLoader
Detecting Impacket with Netwitness Endpoint

Labels

Announcements 54
Events 2
Features 9
Integrations 6
Resources 57
Tutorials 21
Use Cases 21
Videos 116

Blog
Events
Discussions
Idea Exchange
Knowledge Base

Case Portal
Community Support
Product Life Cycle
Support Information

About the Community
Terms & Conditions
Privacy Statement
Acceptable Use Policy
Employee Login