Threat hunting using DNS indicators

DNS is a great source of information for security analysts. If you’re not already monitoring DNS activity in your network, you should start ASAP, for the reasons we’ll explore in this article. DNS is one of the major workhorses that power the Internet. Everything uses DNS: browsers, apps, updates… and malware. Almost every piece of malware needs to “phone …

Elasticsearch REST API: JEST upsert

I've already written about tips and tricks when using the Elasticsearch Java API. The Elasticsearch REST API has been going from strength to strength, and it seems that going forward the Elasticsearch team will focus more on the REST API than the native Java client. At the time of writing, however, the official Java REST library …