By Bob Rudis (@hrbrmstr)
Fri 15 August 2014 | tags: r, rstats, valgrind, rcpp, dns, -- (permalink)

Thanks to a blog comment by @arj, I finally ran at least one of the new Rcpp-based through valgrind (resolv) and, sure enough there were a few memory leaks which are now fixed. However, I first ran valgind with a simple test R script that just did library(stats ...

By Bob Rudis (@hrbrmstr)
Tue 12 August 2014 | tags: r, rstats, analysis, -- (permalink)

We’ve got some new and updated R packages that are (hopefully) helpful to security folks who are endeavouring to use R in their quest to find and prevent malicious activity. All packages now incorporate a testthat workflow and are fully roxygen-ized and present some best practices in R ...

By Jay Jacobs(@jayjacobs)
Mon 04 August 2014 | tags: r, rstats, dns, -- (permalink)

The R Language is really good at data and statistical analysis, but when it comes to working with information security data it has a few holes that need plugging up. Bob has been doing a couple of posts using Rcpp to do things like Basic DNS Lookups, TXT lookups, and ...

By Bob Rudis (@hrbrmstr)
Mon 04 August 2014 | tags: r, rstats, rcpp, dns, -- (permalink)

Back in April, we showed you how to use a C resolver library to make many different kinds of DNS lookups. More oft than not, such complete functionality is not necessary, but R still only provides nsl to get an IPv4 address of a given hostname, which is woefully inadequate ...

By Bob Rudis (@hrbrmstr)
Wed 02 July 2014 | tags: book, sale, -- (permalink)

If you’ve been holding off buying our book, now’s the time to act! Wiley has a special running on The Hacker News where you can save 50% off list (putting it at $25.00USD).

NOTE: This sale may be for only those folks outside the U.S. Unfortunately ...

By Bob Rudis (@hrbrmstr)
Wed 02 July 2014 | tags: datavis, geoip, -- (permalink)

The ever-watchful @cdporter00 pointed out the use of an IP-space density map in Microsoft’s recent court filing [PDF] related to the somewhat controversial takedown of a boatload of domains:

Defendants Mutairi, Benabdellah, and Does 1-500 (“Malware Defendants”) have directed actions at Nevada, including the division of Las Vegas ...

By Bob Rudis (@hrbrmstr)
Mon 23 June 2014 | tags: r, rstats, python, rstudio, -- (permalink)

I’ve been using RStudio’s new ability to run Python scripts since I often need to analyze/process data in R but then run web services with said data in Python (usually via Flask). I’d rather live with the foibles of the RStudio editor than use a separate ...

By Jay Jacobs (@jayjacobs)
Sun 15 June 2014 | tags: R, Video, Marx, -- (permalink)

Bob and I presented at Secure360 together back in May (the slides are available on our site). But during that presentation we played the last Marx video I built in the post titled, “Visualizing countries from the Marx data“. The reaction we got was completely unexpected and many people commented ...

By Bob Rudis (@hrbrmstr)
Fri 13 June 2014 | tags: rstats, r, datavis, wifi, cartography, maps, RCurl, -- (permalink)

This is the second of a two-part series. Part 1 set up the story and goes into how to discover, digest & reformat the necessary data. This concluding segment will show how to perform some basic visualizations and then how to build beautiful & informative density maps from the data and offer ...

By Steve Patton (@spttnnh)
Mon 09 June 2014 | tags: datavis, dataviz, AlienVault, data analysis. data management, r, rstats, -- (permalink)

In Part 1 we looked at acquiring raw data, and wrangling it into a time series dataset. In Part 2 we looked at types of threats in the time series. In Part 3 we looked at countries. Now we will examine countries and types in combination in the AlienVault reputation ...