Dmitry Shulinin

Having completed over 8 years in the specialist field of information security and system administration, I gained experience implementing different information security solutions like firewalls, IPS, antivirus systems, DLP and SIEM. I’ve also developed skills in detecting and mitigating attacks and conducting computer forensics. My interest in automation of processes and creating something new pushed me to learn scripting languages (bash) and Python. The latter was also found to be very suitable in data analysis, which, in conjunction with SIEM technologies, is my main interest at present.

December 21, 2016 | Dmitry Shulinin

Tracking an Infected Host Using OSSIM / USM with Customization

Good day everyone! Today I want to share the experience of tracking the activity of malicious software on a host with the help of OSSIM or USM, and some customization. Let’s look at a typical network of a small or mid-sized enterprise. For example, we have a few client PCs running Windows 7, 8, 10, and a domain controller which also…

September 14, 2016 | Dmitry Shulinin

How to Use OSSIM / USM Active Lists with Python Scripts

Hello, dear Alien Nation and all the community! What I want to explore today is the so-called “active lists” functionality and how it can be implemented in USM/OSSIM. Let me explain what I call an “active list” with the following example. Let’s say we have some application (A) to which users log in…

August 25, 2016 | Dmitry Shulinin

Using Custom Functions in USM and OSSIM for Additional Parsing of Log Data

Good day everybody. Today I’m going to examine and explain the functionality of “custom functions”, used in OSSIM/USM parsers. Those are the functions meant to modify the data after the agent finishes parsing. There are several built-in functions such as: “resolv()”, which resolves the IP by hostname, “normalize_date()”, which normalizes…
