CTI-Stix-Diamond-Activity-Attack-Graph
April 2021
Open source tool for visualizing STIX 2.1 content in an Attack Graph and an Activity Thread Graph, applying the Diamond Model of Intrusion Analysis methodology together with Tactics (phases), Techniques and Procedures (TTPs) from the MITRE ATT&CK framework.
More precisely, the Attack Graph provides a graphical representation of a known attack scenario attributed to an adversary (Threat Actor), whereas the Activity Thread Graph represents the local findings...
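To make the two ideas in the description concrete (STIX 2.1 relationships as graph edges, and ATT&CK tactics as the phase ordering of those edges), here is an added example that is not the tool's own code. The bundle is constructed sample data with illustrative UUIDs and omitted timestamps, and the mapping of STIX object types onto Diamond Model vertices (`DIAMOND_VERTEX`) is this example's own simplification, not the tool's.

```python
"""Build a phase-ordered attack graph from a STIX 2.1 bundle (added example)."""
import json
from collections import defaultdict

# Enterprise ATT&CK tactic shortnames in kill-chain order, as they appear in the
# kill_chain_phases of STIX attack-pattern objects with kill_chain_name "mitre-attack".
ATTACK_TACTIC_ORDER = [
    "reconnaissance", "resource-development", "initial-access", "execution",
    "persistence", "privilege-escalation", "defense-evasion", "credential-access",
    "discovery", "lateral-movement", "collection", "command-and-control",
    "exfiltration", "impact",
]

# Assumed mapping (this example's own) of STIX Domain Object types onto Diamond
# Model vertices. Indicators are treated as evidence about edges, not as vertices.
DIAMOND_VERTEX = {
    "threat-actor": "Adversary", "intrusion-set": "Adversary",
    "attack-pattern": "Capability", "malware": "Capability", "tool": "Capability",
    "infrastructure": "Infrastructure",
    "identity": "Victim",
}


def _uuid(n):
    """Illustrative UUID for constructed sample objects (not real identifiers)."""
    return f"00000000-0000-4000-8000-{n:012d}"


def _obj(stix_type, n, **fields):
    """Constructed STIX object; created/modified timestamps omitted for brevity."""
    return {"type": stix_type, "spec_version": "2.1",
            "id": f"{stix_type}--{_uuid(n)}", **fields}


def _rel(n, rel_type, src, dst):
    return _obj("relationship", n, relationship_type=rel_type,
                source_ref=src["id"], target_ref=dst["id"])


def _ap(n, name, tactic):
    return _obj("attack-pattern", n, name=name, kill_chain_phases=[
        {"kill_chain_name": "mitre-attack", "phase_name": tactic}])


# Constructed sample bundle: one actor, three techniques, a victim, an indicator.
ACTOR = _obj("threat-actor", 1, name="Example Actor")
PHISH = _ap(2, "Spearphishing Attachment", "initial-access")
PS = _ap(3, "PowerShell", "execution")
EXFIL = _ap(4, "Exfiltration Over C2 Channel", "exfiltration")
VICTIM = _obj("identity", 5, name="Example Bank", identity_class="organization")
IOC = _obj("indicator", 6, name="Malicious attachment hash", pattern_type="stix",
           pattern="[file:hashes.'SHA-256' = '00' * 32]",
           valid_from="2021-04-01T00:00:00Z")
MISSING_MALWARE = {"id": f"malware--{_uuid(99)}"}  # referenced but not in the bundle

SAMPLE_BUNDLE = json.dumps({
    "type": "bundle", "id": f"bundle--{_uuid(100)}",
    "objects": [ACTOR, PHISH, PS, EXFIL, VICTIM, IOC,
                _rel(7, "uses", ACTOR, EXFIL),   # deliberately out of kill-chain order
                _rel(8, "uses", ACTOR, PHISH),
                _rel(9, "uses", ACTOR, PS),
                _rel(10, "indicates", IOC, PHISH),
                _rel(11, "targets", ACTOR, VICTIM),
                _rel(12, "uses", ACTOR, MISSING_MALWARE)],  # dangling reference
})


def load_bundle(bundle_json):
    """Return {id: object} for every object in a STIX 2.1 bundle."""
    bundle = json.loads(bundle_json)
    if bundle.get("type") != "bundle":
        raise ValueError("not a STIX bundle")
    return {obj["id"]: obj for obj in bundle.get("objects", [])}


def attack_phases(obj):
    """ATT&CK tactic names from an attack-pattern's kill_chain_phases."""
    return [p["phase_name"] for p in obj.get("kill_chain_phases", [])
            if p.get("kill_chain_name") == "mitre-attack"]


def build_attack_graph(objects):
    """Edges (source_name, relationship_type, target_name); dangling refs are skipped."""
    edges = []
    for obj in objects.values():
        if obj["type"] != "relationship":
            continue
        src, dst = objects.get(obj["source_ref"]), objects.get(obj["target_ref"])
        if src is None or dst is None:
            continue  # SRO points at an object that is not in this bundle
        edges.append((src.get("name", src["id"]), obj["relationship_type"],
                      dst.get("name", dst["id"])))
    return edges


def phase_ordered_techniques(objects, actor_id):
    """Techniques the actor 'uses', sorted by ATT&CK tactic; unknown tactics sort last."""
    found = []
    for obj in objects.values():
        if (obj["type"] == "relationship" and obj["relationship_type"] == "uses"
                and obj["source_ref"] == actor_id):
            target = objects.get(obj["target_ref"])
            if target is None or target["type"] != "attack-pattern":
                continue
            for phase in attack_phases(target) or ["unknown"]:
                found.append((phase, target["name"]))

    def rank(item):
        phase, name = item
        idx = (ATTACK_TACTIC_ORDER.index(phase) if phase in ATTACK_TACTIC_ORDER
               else len(ATTACK_TACTIC_ORDER))
        return (idx, name)
    return sorted(found, key=rank)


def diamond_vertices(objects):
    """Group named objects by Diamond Model vertex using the assumed mapping."""
    groups = defaultdict(list)
    for obj in objects.values():
        vertex = DIAMOND_VERTEX.get(obj["type"])
        if vertex and "name" in obj:
            groups[vertex].append(obj["name"])
    return {k: sorted(v) for k, v in groups.items()}


if __name__ == "__main__":
    objs = load_bundle(SAMPLE_BUNDLE)
    for phase, name in phase_ordered_techniques(objs, ACTOR["id"]):
        print(f"{phase:16} {name}")
    for edge in build_attack_graph(objs):
        print(edge)
    print(diamond_vertices(objs))
```

The sample relationships are listed out of kill-chain order on purpose: the ordering shown on the graph comes from the tactic position in `ATTACK_TACTIC_ORDER`, not from the order objects appear in the bundle, which is what a phase-ordered attack graph has to guarantee. The dangling `uses` edge to a malware object outside the bundle is skipped rather than rendered, since a real feed will routinely reference objects you have not ingested.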
March 2023 - June 2021
Intelligence-driven Threat Hunting for improving SOC maturity level with the SANS 6-step Incident Response process, the MITRE ATT&CK phase-ordered kill chain, the Diamond Model of Intrusion Analysis, TIBER-EU, Structured Threat Information Expression (STIX) and more
Abstract:
In order to increase their maturity level, SOC organizations frequently introduce intelligence-driven Threat Hunting. Benefits of intel-driven Threat Hunting are...
December 2019
Rukhsar’s GCFA Gold paper
Read Rukhsar's GCFA Gold paper with the title Threat Hunting and Incident Response in a post-compromised environment
