dogesec
LightNews LightNews
banner
dogesec.com
dogesec
@dogesec.com
190 followers 62 following 13 posts
We build software for cyber #threatintelligence analysts. https://www.dogesec.com/
www.dogesec.com
Posts Media Videos Starter Packs
dogesec.com
dogesec @dogesec.com · Jan 15
Last year we created a map of MITRE #ATT&CK objects to really help us understand how they were connected, beyond just Tactics and Techniques.

It continues to help us immensely when categorising #threatintel.

Hopefully you'll find it useful too.

miro.com/app/board/uX...
3
dogesec.com
dogesec @dogesec.com · Dec 24
Take a #mitreattack technique. Find out what #vulnerabilities that technique is used to exploit.

And a whole lot more...

youtu.be/J_LbAzoUpd4
Arango CVE Processor [OSS DEMO]: Enrich vulnerabilities. Explore on a graph.
YouTube video by dogesec
youtu.be
dogesec.com
dogesec @dogesec.com · Dec 23
#threatintel peeps: understanding how #ransomware operators are performing financially can give a good indication of where to focus your research and defensive activities.

www.dogesec.com/blog/stix_gr...
Graphing the Ransomware Payment Ecosystem using STIX Objects
I recently conducted a project to identify the most prolific ransomware based on the ransom payments being made. Let me walk you through how I did it.
www.dogesec.com
dogesec.com
dogesec @dogesec.com · Dec 18
We've just added @doublepulsar.com to our list of Awesome #threatintel Blogs...

github.com/muchdogesec/...
GitHub - muchdogesec/awesome_threat_intel_blogs: A curated list of Awesome Threat Intelligence Blogs
A curated list of Awesome Threat Intelligence Blogs - muchdogesec/awesome_threat_intel_blogs
github.com
2
dogesec.com
dogesec @dogesec.com · Dec 18
We wanted a #TAXII Server to distribute our #threatintel into #MISP servers.

We didn't want a full blown TIP platform, nor did we want to write custom connectors to our graph database.

So we built Arango TAXII Server.

www.youtube.com/watch?v=tYWO...
Arango TAXII Server [OSS DEMO]: Easily Distribute your Threat Intelligence
YouTube video by DOGESEC
www.youtube.com
1
dogesec.com
dogesec @dogesec.com · Dec 16
Or for those brave people who just want to jump straight into the code:

github.com/muchdogesec/...
GitHub - muchdogesec/arango_cti_processor: A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.
A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format. - muchdogesec/arango_cti_processor
github.com
1
dogesec.com
dogesec @dogesec.com · Dec 16
For those the prefer a video:

www.youtube.com/watch?v=CcoA...
Arango CTI Processor [OSS DEMO]: traverse threat intelligence knowledge-bases on a graph
YouTube video by DOGESEC
www.youtube.com
dogesec.com
dogesec @dogesec.com · Dec 16
All of our #threatintel is stored on a single network graph. You can traverse it easily to further enrich your research.

In this post we lift the lid on one small part of that graph... how we link popular knowledge-bases like MITRE's #attack an #cwe.

www.dogesec.com/blog/how_cti...
How CTI Butler Creates a Threat Intelligence Graph
CTI Butler links many common knowledge bases, for example linking MITRE ATT&CK to CAPEC objects, to improve the context of our research. This post describes the logic CTI Butler employs behind the sce...
www.dogesec.com
2
dogesec.com
dogesec @dogesec.com · Dec 12
MITRE #ATT&CK ATT&CKcon 5.0 recordings now on YT

www.youtube.com/playlist?lis...
ATT&CKcon 5.0 - YouTube
www.youtube.com
dogesec.com
dogesec @dogesec.com · Dec 12
tl;dr ATLAS = ATT&CK for AI.
dogesec.com
dogesec @dogesec.com · Dec 12
MITRE ATLAS is a knowledge base of adversary tactics, techniques, and case studies for AI systems.

CTI Butler now supports the latest version MITRE ATLAS (v4.7.0) 🎉

The framework is already indispensable for our team when classifying #threatintelligence research.

github.com/muchdogesec/...
GitHub - muchdogesec/ctibutler: A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS...
A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS... - muchdogesec/ctibutler
github.com
1 1
dogesec.com
dogesec @dogesec.com · Dec 9
@nasbench.bsky.social 👀
1
dogesec.com
dogesec @dogesec.com · Dec 9
Compared to release v2023-08-24, in v2024-11-10 there are 469 more public #detectionrules in the #SigmaRules repository.

www.dogesec.com/blog/analysi...

#threatintelligence #threatintel
1 1 3