Chapter 12. Extending SO
So far, weâve been working with the default installation of SO. This chapter introduces a few ways to extend it. You just need to edit a few configuration files and download some external content to get more from your SO setup.
To move beyond the âstockâ SO installation, weâll look at three ways to leverage additional functionality provided by the Bro suite:
Use the MD5 hashes logged by Bro with the website VirusTotal or other third-party analysis engines.
Configure Bro to extract binaries from network traffic, so that you can submit those artifacts to third-party analysis engines.
Integrate external intelligence from ...
Get The Practice of Network Security Monitoring now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.