Enrichment Data: Keeping it Fresh, (Fri, Sep 6th)

This post was originally published on this site

I like to enrich my honeypot data from a variety of sources to help understand a bit more about the context of the attack. This includes the types of networks the attacks are coming from or whether malware submitted to a honeypot is new. I use a variety of sources to enrich my cowrie data using cowrieprocessor [1]:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.