We’re excited to announce the availability of Trisul 3.6. This release is entirely focused on making Trisul suitable for high speed packet processing

Hey Trisul users, we’ve got a maintenance update to Trisul 3.0.

OpenIOC is an XML schema that allows specification and sharing of threat information. An example of OpenIOC is the NetTraveler indicator file 469aed6f-941c-4a1e-b471-3a3e80cbcc2e.ioc

All you have to do is send a DNS TXT request and deal with the results.

We’ve created a OpenIOC format XML file out of the report. We think we got everything except the semaphore indicators.

This release took a good three months but it was worth it. The highlight of this release is..

A quick introduction to the X-Drill (Cross Drill) tool in Trisul 3.0 .

We are working like crazy trying to get Trisul 3.0 out the door by mid-April. We are so excited by the advanced SSL/TLS analysis features in 3.0, we cant wait that long to share some details.

This is exciting stuff for a lot of “intel starved” enthusiasts like us. Atleast three types of indicators can be searched for by looking at past network traffic.

f you were to walk into a strange network, you would want to first see what the typical characteristics of the network are.