RITA
Real Intelligence Threat Analytics – Detects command-and-control activity using network flow and Zeek logs.
RITA (Real Intelligence Threat Analytics) is an open-source threat hunting framework developed by Active Countermeasures. It is designed to analyze NetFlow data and Zeek (formerly Bro) logs to identify signs of command-and-control (C2) communication, lateral movement, and beaconing behavior within a network. RITA empowers blue teams and SOC analysts to …