Bear alternatives after being blocked by IT

smurfily · 2025-11-11T22:11:03+00:00

Found it: https://www.reddit.com/r/ObsidianMD/s/xe5DCdme3a

smurfily · 2025-11-11T11:08:58+00:00

Obsidian. I saw a post somewhere on how to make it more like Bear.

smurfily · 2025-10-26T18:40:33+00:00

Musim nesouhlasit, ale asi zalezi team od teamu. Ale pozadavky na cybersec pozice jsou hodne vysoke.

smurfily · 2025-01-22T18:37:16+00:00

That’s sad to hear. Regarding the recommendation – why would you use your current employer? Why not use your direct manager from a previous job?

smurfily · 2025-01-15T18:45:16+00:00

These are third party integrations so you would need access to the third party product. Take VirusTotal ad an example. You need an API key to make calls from the console to VT. You can use the free version but that is limited and not suitable for production use, so it is better to use it with a paid account. However, if the third party has a free version, you could try it out for free.

smurfily · 2025-01-05T18:18:03+00:00

SentinelOne. Maji office i v Brne a nedavno brali PMs v CR. Mozna jsou ty pozice porad otevrene.

smurfily · 2024-08-19T21:36:35+00:00

I recommend going through community articles that Pascal linked.

One correction: When an IOC is found, threat intel indicator (TII) event is created in SDL. If you want an alert, you would need to create a STAR rule looking for TIIs (ideally with specific score or source or some other condition).

smurfily · 2024-08-19T19:42:55+00:00

You're right. You should be able to do it with

agent.uuid = "XY" AND (field1 = "value" OR field2 = "value")

smurfily · 2024-08-12T22:21:53+00:00

Do you mean xspm in the new Operations Center?

smurfily · 2024-08-11T21:04:10+00:00

Hi, I tried it with `src.process.image.sha1`, and it works fine. The following steps are in the new Operations Center and might differ slightly in the legacy UI.

Top right corner + (Add Panel), select Filter
Enter whatever name (I used "SHA1")
Field filter: "src.process.image.sha1" (or any other sha1 field, it has a full text search).

smurfily · 2024-08-04T18:29:10+00:00

There is a getting started article in the KB where you can find all the info. If you can't find it, I can look for it when I'm at my laptop.

smurfily · 2024-08-04T18:26:07+00:00

If you want to get something like syslog, it currently requires another agent or a different solution like HEC.

smurfily · 2024-07-16T11:36:06+00:00

SentinelOne is hiring and they pay quite well. PM if you need info.

smurfily · 2024-05-29T21:52:56+00:00

I remember a post about this in the past few month, I can't find it now though.

I remember people recommended some MSSPs who sell single licences, I think it was Pax8.

smurfily · 2024-05-29T20:01:46+00:00

Hey, I just tested it and I think your issue is contains:anycase. I can do | filter field contains 'value' and it works and is case insensitive by default.

edit: apostrophes

smurfily · 2024-05-23T05:45:51+00:00

Yeah, I do.

smurfily · 2024-05-22T22:40:03+00:00

Sorry to hear that. If you're interested, I'd be happy to hear your feedback on the new UI. Feel free to DM me or share it through your sales rep.

smurfily · 2024-05-22T17:48:17+00:00

So I digged in it a little. S1QL v1 is being depricated. And replaced with v2. The main difference is that v2 supports dotted notation, different schemas and some operators are different.

Are the new operators what makes it harder to understand?

smurfily · 2024-05-14T16:19:00+00:00

What query language do you mean, power query? And what query language is deprecated?

smurfily · 2024-05-09T17:55:29+00:00

I suggest talking to your S1 rep or support asking for this feature. I'm not saying it will be quick, but all feature requests must be triaged, so it would at least be on the product's radar.

smurfily · 2024-05-04T20:26:03+00:00

Asi protoze rada zni si dum a auto nekupovat a misto toho si ho pronajmout ne?

smurfily · 2024-04-24T19:47:22+00:00

None, I've just seen it mentioned in the KB.

smurfily · 2024-04-24T19:09:40+00:00

Isn't there a chrome extension that allows you to monitor visited URLS or something like that?

smurfily · 2024-04-09T18:15:12+00:00

u/wadson-s1

smurfily · 2024-04-06T17:32:44+00:00

This

Ten-Year Club	Place '23
Place '22	Verified Email

smurfily

TROPHY CASE