[Bro] Threat Intelligence Management

Jan Grashofer jan.grashofer at cern.ch
Thu Jun 25 04:55:49 PDT 2015


Hi Lysemose,



thanks a lot for your reply! Critical stack is like a marketplace for intel in the cloud, right? What I am looking for is a solution I can deploy at my site to ingest intel of different sources (also putting in manually collected stuff), which can be queried by different parts of our stack (Bro only one of them). CIF seemed promising but whether the idea behind might be great, at least the documentation is horrible.



Jan



________________________________
From: Heine Lysemose [lysemose at gmail.com]
Sent: Thursday, June 25, 2015 13:44
To: Jan Grashofer
Cc: bro at bro.org
Subject: Re: [Bro] Threat Intelligence Management

Hi

I encourage you to have a look at, https://intel.criticalstack.com/

Best,
Lysemose

On Thu, Jun 25, 2015 at 1:31 PM, Jan Grashofer <jan.grashofer at cern.ch<mailto:jan.grashofer at cern.ch>> wrote:
Hi all,

I am having a look at Threat Intelligence Management solutions, which can be used with Bro. What do you use and what are your experiences?

Regards,
Jan

_______________________________________________
Bro mailing list
bro at bro-ids.org<mailto:bro at bro-ids.org>
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150625/71c31d81/attachment.html 


More information about the Bro mailing list