If you're a Java shop and not already panicking over log4j2, you probably should be. Here's a story that ingests the CISA RSS feed, greps for common languages/package managers, and emits to Slack:

If you wanna know who is out there on the internet already exploiting this: https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22

Quick and dirty powershell script (in annotation) which looks for vulnerable instances of log4j, then sends results over to a tines webhook, that can either send to Slack or Splunk HEC

Anyone use AWS SSM Parameter Store for the data/secret storage? Realized today I had never thought of using it with Tines as an HTTP Request Action Credential and it was really easy. https://tinesio.notion.site/Parameter-Store-HRAC-05d4ecc004bc4d58a8842bc18ea274bf

Our own @adventurous-manchester-53286 has kicked off a new series of posts about specific Stories in our Story Library. He'll be posting to Twitter and LinkedIn. First off, syncing user updates from Okta to other platforms using Event Hooks. https://twitter.com/tuckner/status/1531727652507291653 https://www.linkedin.com/posts/johntuckner_soar-automation-iam-activity-6937495391814791168-0rSo/

Ever hear of a ‘mailhook’? It’s a service that will translate incoming emails into JSON payloads. I’ve used Sendgrid’s Inbound parse a couple times for free to forward all emails that go to a MX subdomain to a webhook address. It used to work really well for Shodan alerts when they only offered email alerts in the past. Sendgrid doc: https://docs.sendgrid.com/for-developers/parsing-email/setting-up-the-inbound-parse-webhook Would appreciate any shares or likes in case there are other folks that don’t know that feature exists! https://twitter.com/tuckner/status/1537088326812979203

Story Library Notifications Like to be notified when new Stories are published to the Story Library but find RSS to be too 1999 for you? Sign up here and receive an email for each new Story that is released! https://go.tines.xyz/story-lib-notifications