In this post I will show you some of my early attempts to try and productise what OpenAI can do to aid the work of Intelligence Analysts.

In this post I will show you the design decisions that went into building the cve2stix API (and why I didn’t choose TAXII).

In this post I will show you how cve2stix enriches CVEs to provide additional context to each vulnerability.

In this post I will show you how to use STIX 2.1 SDOs, SCOs, and SROs to standardised the way vulnerabilities are represented.

In this post I will show you how to analyse CPE combinations reported in CVEs to identify vulnerable products.

In this post I will introduce the important concepts of CVEs and CPEs and explain how to work with them using the NVD API.

In this post I will explain the difference between UUID versions and which versions are best suited to different scenarios when modelling threat intelligence.

In this post I will show you how to create a Playbook from scratch.

In this post I will look at integrating CACAO playbooks into other products (MISP) and other standards (STIX 2.1).

In this post I will show you how workflows inside a playbook can be created so you can start to construct your own.