From 1f48f57bdb0afd59e097e823e0ac14865d81ea1f Mon Sep 17 00:00:00 2001 From: Scott Sutherland Date: Wed, 25 May 2022 08:39:30 -0500 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 54b2f0e..70fb4be 100644 --- a/README.md +++ b/README.md @@ -197,7 +197,7 @@ Todos * Create bloodhound import file / edge (highrisk share) * Research to identify additional high risk share names based on common technology * Add better support for IPv6 -* Dynamic identification of spikes in high risk share creation/common groupings, need to better summarize supporting detail beyond just the timeline. For each of the data insights, add average number of shares created for insight grouping by year/month (for folder hash / name etc), and the increase the month/year it spikes. (attempt to provide some historical context); maybe even list the most common non default directories being used by each of those. +* Dynamic identification of spikes in high risk share creation/common groupings, need to better summarize supporting detail beyond just the timeline. For each of the data insights, add average number of shares created for insight grouping by year/month (for folder hash / name etc), and the increase the month/year it spikes. (attempt to provide some historical context); maybe even list the most common non default directories being used by each of those. Potentially adding "first seen date" as well.