213 Followers
·
About
Follow

Published in Security Operation Capybaras

·Jun 29

Real-time executions and IoC’s with Shuffle, TheHive and MISP — Open Source SOAR part 4

Automation is useful to everyone — especially in Cyber security. Leadership wants their KPIs and graphs. How do you produce them? Automation. Managers want to know how their team is performing. How can you make this easier for them? Automation. Analysts don’t want to see the same old alerts. How do you manage fatigue? Automation.

All these are solvable tasks with a few clicks in Shuffle. How? Read on.

This is the fourth part of a series about Shuffle and automation. Previous posts have focused on understanding and using Shuffle in a general sense of the word, with this iteration being about real use-cases for IT and infosec practitioners. …

Published in Security Operation Capybaras

·Jun 9

Integrating Shuffle with Virustotal and TheHive — Open Source SOAR part 3

Misalignment between practitioners and leadership in Infosec is normal. Leadership may decide to buy a product or service the practitioners are not fond of, but demand an implementation. That means you need to integrate it fully into your processes and procedures. How do you do that however? It’s a hard issue and usually takes a lot of time and effort. But what if it doesn’t have to?

Shuffle gives you options to explore the platform from a programmatic point of view, whether you’re technical or not, and gives access to open standards to build implementations in minutes rather than months or years. …

Published in Security Operation Capybaras

·May 26

Getting started with Shuffle — an Open Source SOAR platform part 2

Getting started with any new and shiny tool is hard, but exciting. My job is to demystify and make it fun and easy. SOAR and Open Source tools can be complicated messes if done wrong, but we’re avoiding that like the plague with Shuffle. This post will bring some much needed light to installation, user creation and workflow editing. It’s aimed at analysts, developers and anyone wanting to learn about automation, and makes you proficient at creating and running basic workflows.

This post is the second part in a series of blog posts about Shuffle. We’ve previously delved into what SOAR is (and isn’t) and an introductory overview to apps, workflows, triggers, actions and more. This post will build upon that with examples of these terms, with next post focusing on on practical implementations with Virustotal and TheHive. …

213 Followers
·
About
Follow

Published in Security Operation Capybaras

·Jun 29

Real-time executions and IoC’s with Shuffle, TheHive and MISP — Open Source SOAR part 4

Read more in Security Operation Capybaras · 14 min read

Published in Security Operation Capybaras

·Jun 9

Integrating Shuffle with Virustotal and TheHive — Open Source SOAR part 3

Read more in Security Operation Capybaras · 10 min read

2

Published in Security Operation Capybaras

·May 26

Getting started with Shuffle — an Open Source SOAR platform part 2

Read more in Security Operation Capybaras · 9 min read

Frikky

Building cool things with great people: https://frikky.com

About
Help
Legal

About

Help

Legal

Get the Medium app

213 Followers·AboutFollow

Published in Security Operation Capybaras

·Jun 29

Real-time executions and IoC’s with Shuffle, TheHive and MISP — Open Source SOAR part 4

Read more in Security Operation Capybaras · 14 min read

126

Published in Security Operation Capybaras

·Jun 9

Integrating Shuffle with Virustotal and TheHive — Open Source SOAR part 3

Read more in Security Operation Capybaras · 10 min read

264

2

Published in Security Operation Capybaras

·May 26

Getting started with Shuffle — an Open Source SOAR platform part 2

Read more in Security Operation Capybaras · 9 min read

393

Frikky

Building cool things with great people: https://frikky.com

AboutHelpLegal

About

Help

Legal

Get the Medium app

213 Followers
·
About
Follow

About
Help
Legal