Project

General

Profile

Feature #2318

matching on large amounts of data with dynamic updates

Added by Victor Julien over 1 year ago. Updated 9 months ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

For various threat intel and reputation feeds, it would be useful to have a more generalized way of doing this.


Subtasks

Feature #659: Update IP reputation from unix socket.NewOISF DevActions
Feature #1249: http/dns ip-reputation alike techniqueAssignedVictor JulienActions
Feature #1757: URL ReputationNewCommunity TicketActions

Related issues

Related to Support #2309: SuriCon 2017 brainstormNew12/01/2017Actions
Related to Optimization #2317: rcuNewActions
Related to Support #2685: SuriCon 2018 brainstormNewActions
Related to Feature #713: tls.fingerprint - file usageNew01/12/2013Actions
Blocks Feature #2754: JA3 and JA3S - sets / reputationAssignedActions

History

#1

Updated by Victor Julien over 1 year ago

#2

Updated by Victor Julien over 1 year ago

#3

Updated by Raymond Hansen 9 months ago

  • Assignee changed from OISF Dev to Victor Julien
#4

Updated by Victor Julien 9 months ago

#5

Updated by Victor Julien 8 months ago

#6

Updated by Victor Julien 5 months ago

  • Related to Feature #713: tls.fingerprint - file usage added

Also available in: Atom PDF