RITA

Real Intelligence Threat Analytics – Detects command-and-control activity using network flow and Zeek logs.

Jun 25, 2025

∙ Paid

RITA (Real Intelligence Threat Analytics) is an open-source threat hunting framework developed by Active Countermeasures. It is designed to analyze NetFlow data and Zeek (formerly Bro) logs to identify signs of command-and-control (C2) communication, lateral movement, and beaconing behavior within a network. RITA empowers blue teams and SOC analysts to …

Continue reading this post for free, courtesy of CyberMaterial.

Or purchase a paid subscription.