Kestrel

September 14, 2023
Published by Kenneth Peeples on September 14, 2023

Announcing the Team Threat Hunting Project

Kestrel as a Service The Open Cybersecurity Alliance (OCA) is excited to announce the next milestone of the Kestrel subproject, Kestrel as a Service (KaaS).  KaaS enables threat hunting at scale to improve threat detection.   It is a Kestrel container and a deployable cloud-managed hunting service for large organizations. The project provides the code and instructions for deploying a […]
Do you like it?
Read more
August 8, 2023
Published by Claudia Rauch on August 8, 2023

OCA and Kestrel at Black Hat 2023

At the Black Hat 2023 conference, attendees will hear from security experts sharing groundbreaking research at the Briefings, view demos of open-source tools at Arsenal, meet sponsors presenting a range of products and solutions in the Business Hall, and network with thousands of security professionals. Don’t miss out on the Kestrel session on Wednesday, 9 August, 1:00 PM – 2:30 […]
Do you like it?
Read more
July 11, 2023
Published by Xiaokui Shu on July 11, 2023

Kestrel Data Retrieval Explained

Kestrel provides a layer of abstraction to compose hunt-flows with standard hunt steps that run across many data sources and data types. This blogs overviews how data is retrieved, processed, and stored in Kestrel, and explains the 10x data retrieval performance improvement through Kestrel 1.5, 1.6, and 1.7.
Do you like it?
Read more
February 27, 2023
Published by Leila Rashidi on February 27, 2023

A Kestrel Analytics to Detect Lateral Movement

Given the dramatic rise in number of cybersecurity attacks in the recent years, threat hunting is very important to secure businesses and enterprises. This post discusses a new approach to detect lateral movement and shows how this approach can be applied on the data read using STIX-Shifter in the Kestrel threat hunting platform.
Do you like it?
Read more
12
Next page