-
**[@mmguero](https://github.com/mmguero)** cloned issue [idaholab/Malcolm#601](https://github.com/idaholab/Malcolm/issues/601) on 2024-10-24:
> We need to add an integration for using Mandiant thre…
-
**What is the bug?**
The threat intel module is not creating proper alerts after matching the IoCs.
When using the {{#ctx.alerts}} it returns empty - Different from using standard detectors in t…
-
**Sorting by `_seq_no` field fails on empty index as mapping isn't created yet. This failure is expected and needs to be handled to return empty list instead of throwing exception and calling it a mon…
-
When cleaning up ransomware markdown file (https://github.com/fastfire/deepdarkCTI/pull/739) I discovered that someone (in 2022, commit id ef005e80c7fe32adc2739ede3a606183c6f911fa) added a threat inte…
-
Need to work with the Analyst Team to get their requirements before moving forward. Ask Garret to put this on hold until further notice.
-
- [x] Implement and Document Tests for JA3 and JARM File Parsing: We need to expand our test coverage to include tests for parsing JA3 and JARM hash files. This involves both implementing new test fu…
-
## Use case
Add the relationship type “belongs to” between Channel and Threat Actor / Identity:
- Channel -> "belongs-to" -> Organization
- Channel -> "belongs-to" -> Individual
- Channel -> "…
-
It seems that this list keeps randomly blocking major domains automatically without verification:
- https://github.com/davidonzo/Threat-Intel/issues/46 (2024-04-21 - Internet Archive)
- https://gi…
-
### Check for previous/existing GitHub issues
- [X] I have checked for previous/existing GitHub issues
### Issue Type?
Feature Request
### (Optional) Module Version
0.5.0
### (Optional) Correlat…
-
**Describe the feature:**
Within the Security solution's Intelligence tab there should be a way to manually upload indicators to be added to the Threat Intel index pattern.
- The upload solution sh…