Michael Sconzo

Threat Detection - Update (Jan 2017)

Blog post by Michael Sconzo, Jan 25, 2017

If you didn't catch Saket's update about Log Parsers, be sure to look at all the improvements they made. Here's the January roll-up of the new detection capabilities added via Live.

Parser Additions and Updates

  • PVID
  • CustomTCP
  • Lua Mail Options file
  • rekaf
  • Cerber
  • Updates to the DynDNS parser

Feed Additions

  • Grizzly Steppe
  • Locky
  • Cerber
  • Schoolbell
  • Kingslayer
  • Tox Supernode

Report Updates

  • Added Tox traffic to the 'Encrypted Traffic' report