save
parent
399aee9ea6
commit
9ca84b7b7e
15 changed files with 29 additions and 87 deletions
2
.orgids
File diff suppressed because one or more lines are too long
|
@ -1,33 +0,0 @@
|
|||
# Created 2021-09-16 Thu 11:36
|
||||
#+TITLE: Cisco Notes
|
||||
#+AUTHOR: Yann Esposito
|
||||
* FMC
|
||||
|
||||
#+begin_src javascript
|
||||
{"name": "FMC",
|
||||
"description": "FMC",
|
||||
"scopes":["casebook",
|
||||
"enrich:read",
|
||||
"global-intel:read",
|
||||
"inspect:read",
|
||||
"integration:read",
|
||||
"notification",
|
||||
"orbital",
|
||||
"profile",
|
||||
"private-intel",
|
||||
"response",
|
||||
"registry/user/ribbon",
|
||||
"telemetry:write",
|
||||
"users:read"],
|
||||
"grants":["device-grant"],
|
||||
"client-type":"public"
|
||||
"availability":"everyone"
|
||||
}
|
||||
#+end_src
|
||||
|
||||
|
||||
- INT: =client-9bb6566d-36f6-4b18-b576-72a814522926=
|
||||
- TEST: =client-c485b90e-1324-4e92-a174-06eccc31f59e=
|
||||
- PROD NAM: =client-bdc01e2b-776c-4aa1-a530-5adef5313d4a=
|
||||
- PROD EU: =client-fee0ce92-0b22-47cc-8345-2741f07a0e30=
|
||||
- PROD APJC: =client-69859e78-fee4-4c7b-9d36-ef9fdee42ba2=
|
|
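Review bot: the `-1,33 +0,0` deletion only removes this FMC client definition from the working tree; the five `client-…` identifiers listed for INT, TEST, PROD NAM, PROD EU and PROD APJC remain readable in parent 399aee9ea6 and in any clone made before this commit. The definition is `"client-type":"public"` with `"grants":["device-grant"]`, so there is no client secret to rotate and the identifier is what names the client in a device authorization request. If this repository is shared or mirrored, either rewrite history to drop the file or treat the identifiers as disclosed and review whether the scope list and `"availability":"everyone"` are still wanted on those clients.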
@ -1,33 +0,0 @@
|
|||
# Created 2021-09-16 Thu 11:37
|
||||
#+TITLE: Cisco Notes
|
||||
#+AUTHOR: Yann Esposito
|
||||
* FMC
|
||||
|
||||
#+begin_src javascript
|
||||
{"name": "FMC",
|
||||
"description": "FMC",
|
||||
"scopes":["casebook",
|
||||
"enrich:read",
|
||||
"global-intel:read",
|
||||
"inspect:read",
|
||||
"integration:read",
|
||||
"notification",
|
||||
"orbital",
|
||||
"profile",
|
||||
"private-intel",
|
||||
"response",
|
||||
"registry/user/ribbon",
|
||||
"telemetry:write",
|
||||
"users:read"],
|
||||
"grants":["device-grant"],
|
||||
"client-type":"public"
|
||||
"availability":"everyone"
|
||||
}
|
||||
#+end_src
|
||||
|
||||
|
||||
- INT: =client-9bb6566d-36f6-4b18-b576-72a814522926=
|
||||
- TEST: =client-c485b90e-1324-4e92-a174-06eccc31f59e=
|
||||
- PROD NAM: =client-bdc01e2b-776c-4aa1-a530-5adef5313d4a=
|
||||
- PROD EU: =client-fee0ce92-0b22-47cc-8345-2741f07a0e30=
|
||||
- PROD APJC: =client-69859e78-fee4-4c7b-9d36-ef9fdee42ba2=
|
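Review bot: this deleted file is identical to the previous one except for its first line (`# Created 2021-09-16 Thu 11:37` against `11:36`), which suggests two generated exports of the same note were committed alongside the source. Add the export output to the ignore rules so the next export does not reintroduce the client definition and identifiers that this commit removes.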
1
journal/2021-08-04--17-13-03Z--airss.org
Normal file
|
@ -0,0 +1 @@
|
|||
#+TITLE: nrr
|
|
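Review bot: the new file contains only `#+TITLE: nrr`, while its path ends in `--airss.org`, so the title and the filename slug disagree and the note has no body. With a commit message of "save" this looks like an empty capture swept in by accident; either give the note the title its filename implies or leave it out of the commit.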
@ -1,5 +0,0 @@
|
|||
#+TITLE: Note_1
|
||||
|
||||
Woo this is a minimal note.
|
||||
Should be a side, note, but hey...
|
||||
[[file:index.org:note_1][get back to index]]
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -17,10 +17,9 @@ The central notion of the product was /Playbooks/.
|
|||
|
||||
To my understanding, the main idea behind Playbooks was to have a kind of
|
||||
meta system built by domain experts to greatly improve Threat hunting.
|
||||
Typically by being able to discover complex links between different
|
||||
warnings from different places in the system and how to react to them.
|
||||
|
||||
The end goal being to have a "smart view" of the complexity of a threat.
|
||||
Being able to discover complex links between different warnings from
|
||||
different places in the system.
|
||||
For example one of the first mission given to the rule engine was to
|
||||
generate COAs (Course of Actions) from Sightings.
|
||||
This give a better idea about what the engine could bring to the product.
|
||||
|
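Review bot: the rewritten sentence starting "Typically by being able to discover complex links" is still a fragment with no main verb, and going by the `-17,10 +17,9` counts the sentence about the "smart view" end goal is dropped at the same time, so the paragraph no longer states what Playbooks were meant to achieve. Consider attaching the fragment to the preceding sentence and keeping the end-goal sentence. In the unchanged lines below, "one of the first mission given" and "This give a better idea" also need agreement fixes ("missions", "gives").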
@ -30,5 +29,10 @@ me.
|
|||
As you all pointed out, if an incident is like a github-issue, having too
|
||||
much github issue should be fixed at the source of the problem.
|
||||
Prevent the automatic creation of too much similar issues.
|
||||
If that could help to put the engine in a place where they could show
|
||||
their strength I am all for it.
|
||||
If that could help to put the engine in a place where they could show their
|
||||
strength I am all for it.
|
||||
|
||||
Mainly I think that keeping this idea of "Playbook" gives a better argument
|
||||
about what problem is trying to be solved by the incident merging.
|
||||
I think the main problem to solve might not be for the user but to give the
|
||||
engine a real concrete use case.
|
||||
|
|
|
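Review bot: the first changed pair in this hunk ("If that could help to put the engine in a place where they could show their strength I am all for it.") is only a re-wrap of identical text at a different fill column, which hides the real change, the new paragraph beginning "Mainly I think that keeping this idea of "Playbook"". Leave the existing wrap alone so the diff shows only the added paragraph. In that paragraph, "what problem is trying to be solved by the incident merging" reads more clearly as "what problem the incident merging is trying to solve".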
@ -39,4 +39,3 @@ pas pu rentrer dans l'enceinte de l'école.
|
|||
Je vais amener Oslo chez le vétérinaire.
|
||||
|
||||
Voilà à peu près tout.
|
||||
** 09:12
|
||||
|
|
|
@ -25,14 +25,18 @@
|
|||
:PROPERTIES:
|
||||
:CREATED: 20210918
|
||||
:END:
|
||||
| activité φ | ?/5 | au lit -> sport |
|
||||
| nourriture | ?/5 | mal-bouffe -> saine |
|
||||
| humeur | ?/5 | exécrable -> excellente |
|
||||
| énergie | ?/5 | exécrable -> excellente |
|
||||
| intérêt | ?/5 | ennuie -> exceptionnel |
|
||||
| activité φ | 1/5 | au lit -> sport |
|
||||
| nourriture | 1/5 | mal-bouffe -> saine |
|
||||
| humeur | 2/5 | exécrable -> excellente |
|
||||
| énergie | 1/5 | exécrable -> excellente |
|
||||
| intérêt | 1/5 | ennuie -> exceptionnel |
|
||||
* 2021-09-18 Saturday
|
||||
** 12:24
|
||||
Ce matin nous sommes allés à la plage avec mes beaux parents et Bastien.
|
||||
C'était bien agréable.
|
||||
Anna est resté à l'appartement.
|
||||
Ce soir nous avons réservé pour l'Amandier.
|
||||
** 23:50
|
||||
L'amandier était très agréable.
|
||||
Je m'étais trompé de jour pour la réservation.
|
||||
Mais on a tout de même pu avoir des places.
|
||||
|
|
|
@ -70,8 +70,7 @@ La classe.
|
|||
|
||||
#+begin_src emacs-lisp
|
||||
(setq spell-fu-faces-exclude
|
||||
'(org-block
|
||||
org-block-begin-line
|
||||
'(org-block-begin-line
|
||||
org-block-end-line
|
||||
org-code
|
||||
org-date
|
||||
|
|
|
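Review bot: going by the `-70,8 +70,7` counts, the list assigned to `spell-fu-faces-exclude` now starts at `'(org-block-begin-line`, so the `org-block` face is no longer excluded. The begin and end lines of a block stay skipped, but the block body, including the contents of `#+begin_src` blocks, will be spell-checked again. If that is the intent (for example to check quote and example blocks), add a comment saying so; otherwise keep `org-block` in the list.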
@ -45,4 +45,10 @@ Les tailles de fontes, pour avoir une expérience douce les week-end.
|
|||
Bon je sais pas ce qui ne va pas avec les fontes et ma conf emacs.
|
||||
Mais j'imagine que je finirai par trouver.
|
||||
|
||||
]
|
||||
** 21:18
|
||||
Nous avons reçu Laurent Pina.
|
||||
Celà faisait bien longtemps.
|
||||
Nous avons mangé des pates fraiches au pesto.
|
||||
Bien préparées ce fut très agréable.
|
||||
Il nous avais ramené un vin rouge du Larzac délicieux.
|
||||
Krystelle avait préparé un Paris-Brest vraiment extraordinaire aussi.
|
||||
|
|
BIN
roam/org-roam.db
Binary file not shown.
|
@ -606,7 +606,7 @@ CLOCK: [2021-10-08 Fri 17:33]--[2021-10-08 Fri 20:33] => 3:00
|
|||
*** 2021-10-14 Thursday
|
||||
**** IN-PROGRESS Write Customer Manager doc :work:
|
||||
:LOGBOOK:
|
||||
CLOCK: [2021-10-14 Thu 15:23]
|
||||
CLOCK: [2021-10-14 Thu 15:23]--[2021-10-14 Thu 16:33] => 1:10
|
||||
:END:
|
||||
[2021-10-14 Thu 15:23]
|
||||
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*write attack on Webhooks with JWT from emitters][write attack on Webhooks with JWT from emitters]]
|
||||
|
|
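Review bot: the `- ref ::` line under this entry links to `file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org` with a heading search, which resolves only on a machine with that iCloud folder and breaks as soon as the target heading is renamed. Since the repository already tracks `.orgids`, an `id:` link to the heading would survive both. Separately, the clock is now closed at `16:33` while the heading still reads `IN-PROGRESS`; confirm that state is intended.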