dogesec
@dogesec.com
We build software for cyber #threatintelligence analysts.

https://www.dogesec.com/
Last year we created a map of MITRE #ATT&CK objects to really help us understand how they were connected, beyond just Tactics and Techniques.

It continues to help us immensely when categorising #threatintel.

Hopefully you'll find it useful too.

miro.com/app/board/uX...
January 15, 2025 at 11:31 AM
Take a #mitreattack technique. Find out what #vulnerabilities that technique is used to exploit.

And a whole lot more...

youtu.be/J_LbAzoUpd4
Arango CVE Processor [OSS DEMO]: Enrich vulnerabilities. Explore on a graph.
YouTube video by dogesec
December 24, 2024 at 1:48 PM
#threatintel peeps: understanding how #ransomware operators are performing financially can give a good indication of where to focus your research and defensive activities.

www.dogesec.com/blog/stix_gr...
Graphing the Ransomware Payment Ecosystem using STIX Objects
I recently conducted a project to identify the most prolific ransomware based on the ransom payments being made. Let me walk you through how I did it.
December 23, 2024 at 7:23 AM
We wanted a #TAXII Server to distribute our #threatintel into #MISP servers.

We didn't want a full-blown TIP platform, nor did we want to write custom connectors to our graph database.

So we built Arango TAXII Server.

www.youtube.com/watch?v=tYWO...
Arango TAXII Server [OSS DEMO]: Easily Distribute your Threat Intelligence
YouTube video by DOGESEC
December 18, 2024 at 10:33 AM
All of our #threatintel is stored on a single network graph. You can traverse it easily to further enrich your research.

In this post we lift the lid on one small part of that graph... how we link popular knowledge-bases like MITRE's #attack and #cwe.

www.dogesec.com/blog/how_cti...
How CTI Butler Creates a Threat Intelligence Graph
CTI Butler links many common knowledge bases, for example linking MITRE ATT&CK to CAPEC objects, to improve the context of our research. This post describes the logic CTI Butler employs behind the sce...
December 16, 2024 at 7:33 AM
MITRE #ATT&CK ATT&CKcon 5.0 recordings now on YT

www.youtube.com/playlist?lis...
ATT&CKcon 5.0 - YouTube
December 12, 2024 at 1:29 PM
MITRE ATLAS is a knowledge base of adversary tactics, techniques, and case studies for AI systems.

CTI Butler now supports the latest version of MITRE ATLAS (v4.7.0) 🎉

The framework is already indispensable for our team when classifying #threatintelligence research.

github.com/muchdogesec/...
GitHub - muchdogesec/ctibutler: A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS...
December 12, 2024 at 1:08 PM
Compared to release v2023-08-24, in v2024-11-10 there are 469 more public #detectionrules in the #SigmaRules repository.

www.dogesec.com/blog/analysi...

#threatintelligence #threatintel
December 9, 2024 at 10:41 AM