This portal is designed for security professionals to create and improve a security App on Splunk. This App will include many detection tools and hacker tactics, techniques, and procedures, to be shared for free on Splunkbase. CrossRealms is excited to announce the April release of the Cyences App 1.3.0! The new version integrates Lansweeper and Sysmon capabilities, allowing organizations to detect, identify, and tag devices everywhere. The App now supports the Lansweeper Add-on for Splunk version 1.1.0, which allows integration with on-prem installations. We also added more reports and new alerts, including ‘Authentication related alerts’ that help detect brute-force attempts and excessive failed VPN login attempts. Members are invited to participate in test/dev and end-user testing.
The following diagram outlines what is being developed for the App in its first year. Flowing from left to right, the first column indicates where customer systems reside, followed by the methods Splunk uses to collect, correlate, and enrich the data. The two columns that follow are the MITRE ATT&CK framework and the additional cyber defenses we intend to overlay using honeypots, ML, AI, and others to close the loop.