STIX 2.1 Domain Objects are a great way to describe threat intelligence.
Blog
The Signals Corps blog
-
Modelling ATT&CK, CAPEC and CWE as STIX 2.1 Domain Objects to represent CVEs
Vulmatch January 03, 2022
-
Our Favourite Cyber Security Posts of 2021
Obstracts December 27, 2021
Yes, here it is; that “end of year, look back at what happened, and what’s coming next” type post.
-
Third Log4j Vulnerability Published
Vulmatch December 20, 2021
During discussions about Log4j over the past 10 days, a comment from a colleague really stuck out to me:
-
What the Industry is Saying About the Apache Log4Shell Zero-Day?
Obstracts Vulmatch December 13, 2021
Here are a range of thoughts from across the security industry posted over the weekend about the Log4Shell Vulnerability…
-
Sigma Rules 101: Converting to Other Rule Formats (Part 4)
Siem-rules December 06, 2021
Translating for your SIEM.
-
Sigma Rules 101: Writing the Detection (Part 3)
Siem-rules November 29, 2021
How to define what to look for.
-
Sigma Rules 101: Defining the Logsource (Part 2)
Siem-rules November 22, 2021
Now to set where to search.
-
Sigma Rules 101: Introducing the YAML Syntax (Part 1)
Siem-rules November 15, 2021
Let’s start with the basics.
-
Turning Over 100k CVE's (and counting) into STIX Bundles
Vulmatch November 08, 2021
During the late 1990s, networked devices were taking off.
-
Trying out the new TAXII data Connector for Azure Sentinel
Obstracts Stixify Vulmatch November 01, 2021
I have a soft spot for STIX and TAXII.