The Signals Corps blog
-
Getting started with MITRE ATT&CK Navigator (Part 2)
Obstracts Stixify June 06, 2022
In my second post of this series, I will cover how to shore up your defenses with the help of the MITRE ATT&CK Navigator.
-
Getting started with MITRE ATT&CK Navigator (Part 1)
Obstracts Stixify May 23, 2022
In my first post of this series, I will cover how to model an intelligence report in the ATT&CK Navigator.
-
Turning Unstructured Data into Structured Threat Intelligence
Obstracts Stixify May 09, 2022
So that it can be used in SOC detection workflows.
-
My favourite talks from MITRE's ATT&CKCON 3.0
Misc April 25, 2022
A short summary of the conference dedicated to the MITRE ATT&CK community.
-
MITRE ATT&CK - things you might have missed...
Siem-rules April 11, 2022
Going below the surface of the ATT&CK matrix.
-
How to write detection and hunting queries using Kusto in Microsoft Sentinel (Part 2)
Siem-rules March 28, 2022
Last week's post introduced the basics of Sentinel Detection and Hunting rules.
-
How to write detection rules using Kusto in Microsoft Sentinel (Part 1)
Siem-rules March 14, 2022
I see more and more people we work with starting to use Microsoft Sentinel.
-
A STIX 2.1 Indicator Object Pattern Matching Game
Siem-rules February 28, 2022
Put the skills you learned about STIX 2.1 Patterning in last week's post to the test.
-
An Introductory Look at STIX 2.1 Indicator Object Patterns (Part 1)
Siem-rules February 14, 2022
Deconstructing STIX Patterns to write effective detection rules.
-
What is the difference between a STIX Domain and STIX Cyber-Observable Object?
Siem-rules January 31, 2022
STIX 2.1 is a schema that defines a taxonomy of cyber threat intelligence, represented by different Object types.