1 May 2025
It was great to spend some time with @dvellante and Michael Beaudet last evening, during #RSAC2025 after parties!
Picture taken at @CrowdStrike evening reception on Tuesday.
@theCUBE @furrier @nyike @zkerravala @SavIsSavvy @RealStrech @robhof @ShellyKramer @MarshaCollier @MeetHumio #Falcon
1
7
408
21 Jun 2024
In this DTC Exit Interview, @MeetHumio co-founder and CEO Geeta Schmidt joins us to discuss the company's evolution into a cybersecurity focus and post-acquisition integration experience with CrowdStrike. Listen now for an inside look at the journey: delltechnologiescapital.com/…
2
93
Forensic Artifact Hunting with Sysmon v15:
Hunting Drivers installed with @MeetHumio Falcon Logscale
Application Information and much more.
Working on a Public @MeetHumio Content Pack for Sysmon v15
Here is what I have so Far:
Featuring my Latest v15 Compatible Sysmon Config with latest updates from myself and @NerbalOne
Featuring Pivots to MITRE ATT&CK Techniques and more
ToDo: @CrowdStrike Threat Intelligence integration, Geolocation maps and more
If you havent checked out Falcon Logscale already, check out the Community Edition that is free for all users here:
cloud.community.humio.com/si…
Link to Sysmon Config:
github.com/ion-storm/sysmon-…
7
21
4,294
Working on a Public @MeetHumio Content Pack for Sysmon v15
Here is what I have so Far:
Featuring my Latest v15 Compatible Sysmon Config with latest updates from myself and @NerbalOne
Featuring Pivots to MITRE ATT&CK Techniques and more
ToDo: @CrowdStrike Threat Intelligence integration, Geolocation maps and more
If you havent checked out Falcon Logscale already, check out the Community Edition that is free for all users here:
cloud.community.humio.com/si…
Link to Sysmon Config:
github.com/ion-storm/sysmon-…
FYI Sysmon v15 is out, @markrussinovich delivered, 2 of my feature requests! Protected process and FileExecutableDetected
Thanks @markrussinovich
3
17
28
12,409
I'd really like sigma to be extended more to support @MeetHumio and Splunk better, allot of the conversions are too basic and don't take advantage of advanced query languages
1
2
294
6 Mar 2023
This looks great! I've been experimenting with similar functionality using @securityonion and #SOC analyzers, and it seems like it has potential for providing context and next steps for a variety or alerts events, provided a sufficient prompt. Good stuff!
1
1
6
286
The tactics/techniques come from my extensive sysmon configuration here github.com/ion-storm/sysmon-…
1
1
3
312
It Didnt add MITRE ATT&CK Tags and techniques BUT it can if the event has enough details and you explicitely prompt it to suggest a Technique ID, Technique, subtechnique, Tactic, Datasouce and more
Here is the playbook exported, would love some swag :)
drive.google.com/file/d/13Ba…
1
2
11
1,383
4 Mar 2023
This is insane, and really clever! Did it add Mitre attack on its own? Can you share the story and we’ll get it in the story library for others to get using/take some inspiration from? And obviously give you credit (and some Tines swag!)
1
1
5
1,565
I just Integrated @MeetHumio Falcon LogScale with @tines_io and @OpenAI ChatGPT to Automatically evaluate Sysmon Threat Detections, provide Triage Steps, Recommendations, Threat Ratings, took me 5 min to setup lol..
13
57
222
32,447
I guess you should call it Falcon Logscale now that @Crowdstrike has talen over Humio, but it’s good to see that the community edition is still there. crowdstrike.com/products/obs…
1
4
8 Nov 2022
Sysmon @MeetHumio free 16GB a day 7day retention imagine doing IR and this was there when you arrive
1
1
7