In this post I will look at integrating CACAO playbooks into other products (MISP) and other standards (STIX 2.1).
Blog
The Signals Corps blog
-
CACAO Playbooks 103: Integrations
Tutorials Cacao November 28, 2022
-
CACAO Playbooks 102: Building Workflows
Tutorials Cacao November 14, 2022
In this post I will show you how workflows inside a playbook can be created so you can start to construct your own.
-
CACAO Playbooks 101: Basic Structure
Tutorials Cacao October 31, 2022
In this post I will introduce the basic concepts of OASIS CACAO playbooks and how they can be used.
-
STIX 2.1 104.5: Creating Extension Schemas
Tutorials Stix October 17, 2022
In this post I will show you how I craft STIX schemas for STIX 2.1 Extensions.
-
file2stix + RSS = Structured Threat Intelligence from blog posts
Products October 03, 2022
In this post I will show you how file2stix can be used to process RSS feeds, including dealing with partial feeds and historic posts.
-
Building file2stix: Parse unstructured text into STIX 2.1 Objects
Products September 19, 2022
In this post I will describe some of the problems I wanted to solve building file2stix, the research that went into it, and a few tips to get up and running with the tool.
-
Getting Started with STIX Shifter
Stix September 05, 2022
In this post I will show you how to turn STIX Patterns into common threat detection languages.
-
MITRE ATT&CK 109: Sightings
Tutorials Att&ck August 22, 2022
In this bonus tutorial post I delve into MITRE’s ATT&CK Sightings initiative.
-
MITRE ATT&CK 108: My favourite talks from MITRE's ATT&CKCON 3.0
Tutorials Att&ck August 08, 2022
In this post I end the tutorial series with some real world examples of how ATT&CK is being used from the most recent ATT&CKCON.
-
MITRE ATT&CK 107: Integrating Workbench Data to Other Tools
Tutorials Att&ck July 25, 2022
In this post I will show you how to export and share your custom versions of ATT&CK.
1 of 4
Older posts →