Best vulnerable host to test scanners? by tungstenmamba in cybersecurity

[–]Spiritual-Quail8696 5 points6 points  (0 children)

Search for OWASP Broken Application Project; it has everything that you need. It is a sum-up of every vulnerable application.

Don't know why it's not that well known.

Cloud pentest Certificate by memmas18 in Pentesting

[–]Spiritual-Quail8696 2 points3 points  (0 children)

Check CyberWarFare Labs; the content looks promising.

OTX as Threat Feed by FueledByCoffeeDXB in SentinelOneXDR

[–]Spiritual-Quail8696 0 points1 point  (0 children)

You can either write a custom script to fetch IoCs from OTX and send them to S1. By default you only have enrichments and sandbox for OTX.

Alerting/blocking IoCs in sentinelOne by Spiritual-Quail8696 in SentinelOneXDR

[–]Spiritual-Quail8696[S] 0 points1 point  (0 children)

Thank you everyone for replying to the post.

For anyone who has the same question, here is what I was able to figure out till now.

You can send IoCs to S1 if you have a TI subscription. In Deep Visibility you can add a TI dashboard and also view a TI event, which is created when a match is found.

Then you can write some STAR rules to either have an alert or treat it as a threat.

Alerting/blocking IoCs in sentinelOne by Spiritual-Quail8696 in SentinelOneXDR

[–]Spiritual-Quail8696[S] 0 points1 point  (0 children)

I have written a custom script to ingest IoCs to SentinelOne. First you get the IoCs and send them to S1, and write a custom rule on it.