TOPIC

SIEM

2 posts

WazuhThreat IntelligenceAlert Enrichment+4

DFIR Platform + Wazuh: Real-Time Alert Enrichment

Integrate DFIR Platform's IOC enrichment API with Wazuh for real-time alert enrichment. Includes integratord configuration, active response scripts, and example alert workflows for SOC teams.

Apr 13, 202610 min read

SplunkIOC EnrichmentCustom Search Command+3

DFIR Platform + Splunk: IOC Enrichment via Custom Search Commands

Build a Splunk custom search command that enriches IOCs via DFIR Platform API. Includes Python code, commands.conf configuration, packaging as a Splunk app, and example SPL queries.

Apr 14, 202611 min read