Blog
The Signals Corps blog
-
CACAO Playbooks 101: Basic Structure
Tutorials Cacao October 31, 2022
In this post I will introduce the basic concepts of OASIS CACAO playbooks and how they can be used.
-
STIX 2.1 104.5: Creating Extension Schemas
Tutorials Stix October 17, 2022
In this post I will show you how I craft STIX schemas for STIX 2.1 Extensions.
-
file2stix + RSS = Structured Threat Intelligence from blog posts
Products October 03, 2022
In this post I will show you how file2stix can be used to process RSS feeds, including dealing with partial feeds and historic posts.
-
Building file2stix: Parse unstructured text into STIX 2.1 Objects
Products September 19, 2022
In this post I will describe some of the problems I wanted to solve building file2stix, the research that went into it, and a few tips to get up and running with the tool.
-
Getting Started with STIX Shifter
Stix September 05, 2022
In this post I will show you how to turn STIX Patterns into common threat detection languages.
-
MITRE ATT&CK 109: Sightings
Tutorials Att&ck August 22, 2022
In this bonus tutorial post I delve into MITRE’s ATT&CK Sightings initiative.
-
MITRE ATT&CK 108: My favourite talks from MITRE's ATT&CKCON 3.0
Tutorials Att&ck August 08, 2022
In this post I end the tutorial series with some real world examples of how ATT&CK is being used from the most recent ATT&CKCON.
-
MITRE ATT&CK 107: Integrating Workbench Data to Other Tools
Tutorials Att&ck July 25, 2022
In this post I will show you how to export and share your custom versions of ATT&CK.
-
MITRE ATT&CK 106: Using the Workbench to Create Custom Objects
Tutorials Att&ck July 11, 2022
In this post I will show you how to create new and edit existing ATT&CK Objects.
-
MITRE ATT&CK 105: Threat Report ATT&CK Mapping (TRAM)
Tutorials Att&ck June 27, 2022
In this post I will show you how to turn unstructured data into structured threat intelligence with ATT&CK context.