XDR
XDR: Vendor Advisory for SolarWinds Orion Products - Countermeasure guidelines
December 2020. Detect SolarWinds SUNBURST Backdoor with Stellar Cyber Open-XDR Platform. On December 13, 2020, multiple vendors such as FireEye and Microsoft reported emerging threats from a nation-state threat actor who compromised SolarWinds, and ...
CyFlare Detection List & MITRE ATT&CK Framework Mapping
Purpose: This document identifies the detections that are available to CyFlare clients from the identified managed security services. Filters & Definitions: State - This represents the default mode for the detection. It may be On or Off by ...
XDR-Syslog Forwarding- Ports To Send To
Firewall Ports to Open for Log Ingestion: Network and security sensors require open inbound UDP ports on your firewall in order to receive and parse logs from devices on your network. The ports are already open by default on the sensor, so you must ...
XDR: EVENT ID Search in BDS Platform
An alarm raised by the SOC? Curious to know what the alarm is and why the SOC raised it? We provide complete transparency to check what event/alarm was raised by the SOC to the Partner/Client. Prerequisites: 1. Login Credentials 2. Portal URL to login 3. ...
XDR: Deploying the Linux Agent Sensor - Ubuntu/CentOS/RedHat/Debian Deployment
Overview: The Linux Agent on the servers has the capability to detect various events. Due to the nature of the agent and complexity of what needs to be seen from the server is crucial. The Linux Agent gives us the scope in the ...
XDR: Deploying The Windows Agent
Overview: The Windows agent collects relevant security data from Windows event logs running. Forwarding Windows event logs provides necessary log data required for many compliance regulations and increases overall visibility within the organization. ...