UnderDefense Blog

UnderDefense's engineer unlocked Splunk certifications Consultant I level  We are pleased to be a Spunk partner and now our security analysts are awarded and holding Splunk certifications.  Slunk Inc. is a company producing software for searching, monitoring, and...

IoT Malware analysis project UnderDefense has completed a new IoT Security project. Our security engineers helped Israel startup to identify and Reverse Engineer new malware example that massively targets IoT devices.

Crypto markets & Smart-Contract Security UnderDefense has recently completed 2 complex security assessment projects for cryptocurrency marketplaces. Our elite team of ethical hackers provided Solidity based Smart-Contract code assessment as well as discovered critical...

Eset Remote Administrator App for Splunk About data visualization and Splunk apps The best method to explain the significance of information is to display it in a visual context. Recently we have created an add-on for our SIEM Splunk to make data flow from Eset Remote...

How to configure log collection from Cisco FirePower to SplunkIntroduction In this article we are going to describe the process of connecting FirePower Threat Defense with Splunk in case of using Firepower Management Center. First of all, we are about to share some...

Windows Event Collector orchestration Introduction As continuation of the previous article, we are going to share information about next step in WEC configuration. We will talk about event forwarding background, which services it uses and how to configure them in a...

Windows Event Collector orchestration Introduction This blog is one of many in a series that will discuss log collection variants. Today we are going to talk about log collection in Windows Infrastructure. If you’d like to monitor your infrastructure or provide SOC...

Splunk Add-on for Eset Remote AdministratorDevelopment First of all we need to install Splunk Add-on builder. I prefer to install it from internal splunk shop in Splunk Enterprise. Go to Manage Apps and click Browse more apps Use “Search” to find this. Then click...

How to deploy MSI packages remotely in Windows infrastructure using remote shell Very often we come across the challenge of deploying software in enterprise infrastructures. An example of a great solution to this problem is to go with a flash drive from host to host...