Our great sponsors
- Onboard AI - Learn any GitHub repo in 59 seconds
- InfluxDB - Collect and Analyze Billions of Data Points in Real Time
- SaaSHub - Software Alternatives and Reviews
-
Your use case sounds cool. Unfortunately CrowdSec is not very mature on Windows (yet). That being said we have just written a parser for sysmon. It's very much WIP and needs testing. Also there's not any scenarios yet so CrowdSec can't detect anything there yet. That being said we would love to collaborate with you on creating them if you're willing to invest time in it too. A good place to do that would be via our Discord (invite link under the subreddit description) where I will be happy to set up a dedicated channel where you can have direct access to our devs.
-
Thank you for those wonderful news, i will be glad to collaborate and test it for the community, in fact i am already in Crowdsec Discord channel ,but it will take little bit more time for me to be familiar with Crowdsec integration (around 2 weeks) ,have some tasks in queue ,any way ,if its help we are using this set of rules sysmon rules , to prioritize our detection , in addition we using also Soar Suffle to automate some hash checking for certain folders and files against MISP and Malwarebazar workflows
-
Onboard AI
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
