save

Cisco.tmp0mdCry.org

@@ -1,33 +0,0 @@
-# Created 2021-09-16 Thu 11:36
-#+TITLE: Cisco Notes
-#+AUTHOR: Yann Esposito
-* FMC
-
-#+begin_src javascript
-{"name": "FMC",
- "description": "FMC",
- "scopes":["casebook",
-           "enrich:read",
-           "global-intel:read",
-           "inspect:read",
-           "integration:read",
-           "notification",
-           "orbital",
-           "profile",
-           "private-intel",
-           "response",
-           "registry/user/ribbon",
-           "telemetry:write",
-           "users:read"],
- "grants":["device-grant"],
- "client-type":"public"
- "availability":"everyone"
-}
-#+end_src
-
-
-- INT: =client-9bb6566d-36f6-4b18-b576-72a814522926=
-- TEST: =client-c485b90e-1324-4e92-a174-06eccc31f59e=
-- PROD NAM: =client-bdc01e2b-776c-4aa1-a530-5adef5313d4a=
-- PROD EU: =client-fee0ce92-0b22-47cc-8345-2741f07a0e30=
-- PROD APJC: =client-69859e78-fee4-4c7b-9d36-ef9fdee42ba2=

Cisco.tmp2jspVv.org

@@ -1,33 +0,0 @@
-# Created 2021-09-16 Thu 11:37
-#+TITLE: Cisco Notes
-#+AUTHOR: Yann Esposito
-* FMC
-
-#+begin_src javascript
-{"name": "FMC",
- "description": "FMC",
- "scopes":["casebook",
-           "enrich:read",
-           "global-intel:read",
-           "inspect:read",
-           "integration:read",
-           "notification",
-           "orbital",
-           "profile",
-           "private-intel",
-           "response",
-           "registry/user/ribbon",
-           "telemetry:write",
-           "users:read"],
- "grants":["device-grant"],
- "client-type":"public"
- "availability":"everyone"
-}
-#+end_src
-
-
-- INT: =client-9bb6566d-36f6-4b18-b576-72a814522926=
-- TEST: =client-c485b90e-1324-4e92-a174-06eccc31f59e=
-- PROD NAM: =client-bdc01e2b-776c-4aa1-a530-5adef5313d4a=
-- PROD EU: =client-fee0ce92-0b22-47cc-8345-2741f07a0e30=
-- PROD APJC: =client-69859e78-fee4-4c7b-9d36-ef9fdee42ba2=

journal/2021-08-04--17-13-03Z--airss.org

@@ -0,0 +1 @@
+#+TITLE:  nrr

note_1.org

@@ -1,5 +0,0 @@
-#+TITLE: Note_1
-
-Woo this is a minimal note.
-Should be a side, note, but hey...
-[[file:index.org:note_1][get back to index]]

notes/cisco_team_history.org

@@ -17,10 +17,9 @@ The central notion of the product was /Playbooks/.
 
 To my understanding, the main idea behind Playbooks was to have a kind of
 meta system built by domain experts to greatly improve Threat hunting.
+Typically by being able to discover complex links between different
+warnings from different places in the system and how to react to them.
 
-The end goal being to have a "smart view" of the complexity of a threat.
-Being able to discover complex links between different warnings from
-different places in the system.
 For example one of the first mission given to the rule engine was to
 generate COAs (Course of Actions) from Sightings.
 This give a better idea about what the engine could bring to the product.
@@ -30,5 +29,10 @@ me.
 As you all pointed out, if an incident is like a github-issue, having too
 much github issue should be fixed at the source of the problem.
 Prevent the automatic creation of too much similar issues.
-If that could help to put the engine in a place where they could show
-their strength I am all for it.
+If that could help to put the engine in a place where they could show their
+strength I am all for it.
+
+Mainly I think that keeping this idea of "Playbook" gives a better argument
+about what problem is trying to be solved by the incident merging.
+I think the main problem to solve might not be for the user but to give the
+engine a real concrete use case.

notes/journal/2021/2021-09-16.org

@@ -39,4 +39,3 @@ pas pu rentrer dans l'enceinte de l'école.
 Je vais amener Oslo chez le vétérinaire.
 
 Voilà à peu près tout.
-** 09:12

notes/journal/2021/2021-09-18.org

@@ -25,14 +25,18 @@
 :PROPERTIES:
 :CREATED:  20210918
 :END:
- | activité φ | ?/5 | au lit     -> sport         |
- | nourriture | ?/5 | mal-bouffe -> saine         |
- | humeur     | ?/5 | exécrable  -> excellente    |
- | énergie    | ?/5 | exécrable  -> excellente    |
- | intérêt    | ?/5 | ennuie     -> exceptionnel  |
+ | activité φ | 1/5 | au lit     -> sport         |
+ | nourriture | 1/5 | mal-bouffe -> saine         |
+ | humeur     | 2/5 | exécrable  -> excellente    |
+ | énergie    | 1/5 | exécrable  -> excellente    |
+ | intérêt    | 1/5 | ennuie     -> exceptionnel  |
 * 2021-09-18 Saturday
 ** 12:24
 Ce matin nous sommes allés à la plage avec mes beaux parents et Bastien.
 C'était bien agréable.
 Anna est resté à l'appartement.
 Ce soir nous avons réservé pour l'Amandier.
+** 23:50
+L'amandier était très agréable.
+Je m'étais trompé de jour pour la réservation.
+Mais on a tout de même pu avoir des places.

notes/journal/2021/2021-09-26.org

@@ -70,8 +70,7 @@ La classe.
 
 #+begin_src emacs-lisp
 (setq spell-fu-faces-exclude
-        '(org-block
-          org-block-begin-line
+        '(org-block-begin-line
           org-block-end-line
           org-code
           org-date

notes/journal/2021/2021-10-10.org

@@ -45,4 +45,10 @@ Les tailles de fontes, pour avoir une expérience douce les week-end.
 Bon je sais pas ce qui ne va pas avec les fontes et ma conf emacs.
 Mais j'imagine que je finirai par trouver.
 
-]
+** 21:18
+Nous avons reçu Laurent Pina.
+Celà faisait bien longtemps.
+Nous avons mangé des pates fraiches au pesto.
+Bien préparées ce fut très agréable.
+Il nous avais ramené un vin rouge du Larzac délicieux.
+Krystelle avait préparé un Paris-Brest vraiment extraordinaire aussi.

tracker.org

@@ -606,7 +606,7 @@ CLOCK: [2021-10-08 Fri 17:33]--[2021-10-08 Fri 20:33] =>  3:00
 *** 2021-10-14 Thursday
 **** IN-PROGRESS Write Customer Manager doc                       :work:
 :LOGBOOK:
-CLOCK: [2021-10-14 Thu 15:23]
+CLOCK: [2021-10-14 Thu 15:23]--[2021-10-14 Thu 16:33] =>  1:10
 :END:
 [2021-10-14 Thu 15:23]
 - ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*write attack on Webhooks with JWT from emitters][write attack on Webhooks with JWT from emitters]]