search

IntegralDefense / ACE

Analysis Correlation Engine
Apache License 2.0
26 stars 10 forks source link

netskope log correlation #148

Open asch-id opened 5 years ago

asch-id commented 5 years ago

per a recent event, we should take advantage of netskope visibility, correlate on file_name observable, md5. Maybe, also email address and userip (src_ip).