-
## Use case
Currently Organizations / Threat Actor Groups and Individuals / Threat Actor Individuals are tracked as different entities. This leads to inconsistencies due to the fact that they can hav…
-
Have concern about how to best utilize Intrusions sets. Having Russian Cyber Threat LandScape as example, how can we categorize (GRU, SVR, FSB) in one hand and (APT28, APT829, Sandworm) on another han…
-
**Distribution (run `cat /etc/os-release`):**
**Related Application and/or Package Version (run `apt policy $PACKAGE NAME`):**
**Issue/Bug Description:**
I recently switched ov…
-
Bad actors could deploy workloads using features (API versions) not cover by the admission controller. Thus, bypassing the validations. We should look for a solution of how to prevent this to happen. …
-
The Microsoft Security blog has a post on 2021-03-26, saying that they plan to disable [domain fronting](https://www.bamsoftware.com/papers/thesis/#chap:domain-fronting) on Azure.
https://www.micro…
-
## Use case
I would like to be able to see all entities (observables, threat actors, indicators, etc...) that are contained in a graph translated to a table like the Entities and Observations tabs …
-
## Use case
Enable the possibility of changing the relationship type between threat actors, being able to change from part-of to cooperates by updating the relationship.
## Current Workaround…
-
Consider creating a new Actor top-level construct to act as a basis for extension for Threat Actor but also enabling characterization of defender and third party actors.
This would allow for consiste…
-
STIX 2.0 (https://oasis-open.github.io/cti-documentation/) is a JSON-based OASIS open standard used to codify and exchange details of cyber threat intelligence and cyber threat incidents, and covers t…
-
A detailed threat model has been created, taking in scenarios from both internal actors and container compromise. This solution provides a detailed set of attack trees and documentation with accompan…