Software Platform

Bricata’s platform makes it easy to get direct answers for alerts and protect network environments in real-time (bricata,2021).

I the shown picture, I demonstrated the explanation of each main tab in Bricata Software.

After clicking Hunt button it will permit us to instantly see everything the affected host has been doing. This host is producing countless alerts. As well as the different networks that are communicating with. In addition, it will let you know if you have to be careful about lateral movement or malware propagation from this host. 

(Author's Screenshot)

Furthermore, applying Groups to the view allows us rapidly to bunch huge volumes of metadata.

(Author's Screenshot)

The Resp IP and Services utilized in communication with the suspect network that gives us no motivation to think this host is proliferating malware along the side.

(Author's Screenshot)

Moreover, in Tags, you can customise tags for alerts to indicates these alerts need attention. And that could be by choosing between Authorities, expire- cert and IR target.

Reference:

BRICATA (2021) BRICATA PRODUCT TOUR. [Online] BRICATA. Available from:Tour the Dashboard - Bricata Network Detection & Response Platform [Accessed 05/06/21].