Closed: necrose99 closed this 3 years ago
Pull request welcome :)
It would be good to put it under contrib. https://github.com/future-architect/vuls/tree/master/contrib
At some future point, https://github.com/future-architect/vuls-beats, or similar for agent, if the vulsrepo, viewer bogs up, or i.e. malware alerts tick up against a vuln in SIEM, analysts can put action plans to effect. (https://github.com/wazuh uses vuls as vulnerability...) However recently been in inte.... for a ro...l.e.. hmm hmm. Were they ... could use vul.... sc.. and run elastic siem.
@nealmcb I will try to implement it from now. https://github.com/kazuminn/vulsbeat but I don't know if it can be released. very sloory implement
@necrose99 I have released https://github.com/kazuminn/vulsbeat .
This, with i.e. https://github.com/wazuh, or free Elastic SIEM or Elastic-based SIEM/SELKS or many open source SIEMs, should be able now to get vuls alerts
https://github.com/HASecuritySolutions/VulnWhisperer/ or others in future should be able to consume alerts
On Sat, Dec 12, 2020 at 8:31 AM kazuminn notifications@github.com wrote:
@necrose99 https://github.com/necrose99 I have released https://github.com/kazuminn/vulsbeat .
https://www.elastic.co/guide/en/beats/devguide/current/new-beat.html
(https://www.elastic.co/siem)
Send vuls/detections alerts as a copy that are found to Elasticsearch SIEMs or Logstash etc.