-
View the details of an incident. Also enable association of threat intelligence packages / observables to the incident
zeroq updated
5 years ago
-
Classify the attacks recorded into scans from internet probes or from attacks. This helps in threat analysis and intelligence.
-
"Sighting" on galaxy (not derived from event) - open discussion
- Preventive measures can be "sighted" like "I know this measure is working and functional" even if I haven't used it to tag any event. …
-
**Is your feature request related to a problem?**
Customers have constant streams of threat intel feeds which contain millions of malicious IPs or DNS or other Indicators of Compromise (IoCs).
They …
-
### Summary of the new feature / enhancement
Add support for
[ ] Fusion
[ ] NRT
[ ] ML
[ ] Threat Intelligence
[ ] Microsoft Security
### Proposed technical implementation details (optional)
…
-
Release date: 2022-02-28
Vendor: Symantec
Link: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage
-
I'm sure that it's a false positive, but I wanted to flag it anyway:
Zip archive: https://www.virustotal.com/gui/file/2a69e746f280fe6aa1061c4219d35ff2ddcf4af2eacda4584da1a3cafee05fa8
Individual EX…
-
Adding some rich resources on threat intelligence and detection, either on scavenger_hunt or incident_response:
https://attack.mitre.org/wiki/Main_Page
-
- https://owasp.org/www-pdf-archive/OWASP_SCP_Quick_Reference_Guide_v2.pdf
- https://www.reddit.com/r/linuxupskillchallenge/
AOrps updated
1 month ago
-
![Cyber threat intelligence platform 2023-08-01 15-21-34](https://github.com/OpenCTI-Platform/opencti/assets/19428462/cbf195fe-ce87-4954-b9e7-a34a9372dadc)
Labels displayed on the bulletin board sc…