Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Threat hunting is made easy using the Community ID Network Flow Hashing
« previous
next »
Print
Pages: [
1
]
Author
Topic: Threat hunting is made easy using the Community ID Network Flow Hashing (Read 1027 times)
beki
Jr. Member
Posts: 93
Karma: 10
Threat hunting is made easy using the Community ID Network Flow Hashing
«
on:
November 30, 2023, 10:35:04 am »
Dear valued users,
The official release of Zenarmor 1.16 is just around the corner, promising some exciting new capabilities. Today, we will take a sneak peek at one of the new capabilities introduced in this release called Community ID Network Flow Hashing, or Community ID for short.
In this article, we are going to show you exactly how to do this by using Community ID to match the network traffic session logs created by Zenarmor with the Sysmon event logs generated on a Windows client in order to build a complete end-to-end picture of a network connection, from the application or process initiating the connection on the Windows client to its final destination endpoint.
https://www.zenarmor.com/post/threat-hunting-with-zenarmor-community-id-feature
Bests,
Zenarmor Team
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Threat hunting is made easy using the Community ID Network Flow Hashing