Name: Rob Gresham
Type: User
Company: Cisco
Bio: verb (used with or without object), 1. to explain, study, or interpret in people, process and technologies. 2. to provide cyber defense effectively
Location: Chucktown, SC
Blog: https://www.ttp0.io/
Rob Gresham's Projects
OCSF Schema
OpenCNA (Collection & Normalization & Analysis)
SIEM Logstash parsing for more than a hundred technologies
A repository for using osquery for incident detection and response
The Markdown Resume
Sample Phantom Playbooks
Community apps for the Phantom security orchestration platform
Phantom Apps Repo
Splunk Phantom App for Browserless/chrome
Phantom in a container
Share RBA-specific playbooks, apps, and custom functions
Test harness for a more pleasurable app building experience
Apps written in Python for the Phantom Orchestration Platform
Material for a Phantom POV event
Python script to create a timeline PDF report from Phantom.us.
Phantom Orchestration Playbooks
Misc Python scripts
QRadio ~ Best Threat Intelligence Radio ~ Tune In!
Collecting & Hunting for IOCs with gusto and style
Restful Server to handle requests from rastrea2r client
Real Intelligence Threat Analytics
Repository of yara rules
Sandia Cyber Omni Tracker (SCOT)
Splunk Security Content
Sguil client for NSM