This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question
Cyber_Chief1999
Bronze 4
Bronze 4
Since ‎03-15-2024
Tuesday

My Stats

  • 18 Posts
  • 0 Solutions
  • 5 Likes given
  • 13 Likes received

rpicadizo's Bio

Badges Cyber_Chief1999 Earned

View all badges

Recent Activity

Compare event to previous similar event - YARA-L rule

06-24-2024
Hi,Does anyone have any experience with creating a YARA-L rule that looks for a particular event such as a vulnerability detected on a particular host but if that same vulnerability is detected in an event on the same host again within 24 hours, then...

YARA-L rule to detect ingestion drop

06-16-2024
Hi,Has anyone got any experience with creating a YARA-L rule that detects when a log source drops ingesting? I was hoping for a possible quick win here instead of using a dashboard.Thanks

YARA-L Rule Using External List

03-25-2024
Hi, My reading suggests otherwise but wanted to ask on here whether anyone had successfully managed to create a rule that looks up an external list i.e an external URL which holds a list of known Cobalt Strike IP addresses. My reading suggests this i...

UDM Search to find triggered alerts

03-19-2024
Is there anyway of querying via a UDM search to find alerts that have triggered?Thanks

semantic analysis: match variable encoded_value is not assigned to an event field - help required

03-19-2024
Hi all, I am having an issue with the error message in the title field and some help would be really appreciated. I have wrote a YARA-L rule in Chronicle which captures various matching powershell command and decodes the successful match using the st...
Likes from
View all