One post tagged with "threat intelligence analysis"

Honeypots like Cowrie are a great source of knowledge about attack vectors and new IOCs, but analyzing them can become a cumbersome task - especially because their number can get quite big. That’s where Dissect comes into play. By leveraging its API, you can streamline forensic analysis and automate snapshot processing. This opens up the road to fully automated IOC extraction pipelines that are able to analyze honeypot data and publish threat intelligence to be further processed by IDS tools.

This post is a short guide on how to configure Dissect API to work with Cowrie's snapshots.