Blog
The Signals Corps blog
-
STIX 2.1 109: Choosing a UUID version to generate STIX Object IDs
Tutorials Stix January 09, 2023
In this post I will explain the difference between UUID versions and which versions are best suited to different scenarios when modelling threat intelligence.
-
CACAO Playbooks 104: Authoring
Tutorials Cacao December 26, 2022
In this post I will show you how to create a Playbook from scratch.
-
CACAO Playbooks 103: Integrations
Tutorials Cacao December 12, 2022
In this post I will look at integrating CACAO playbooks into other products (MISP) and other standards (STIX 2.1).
-
CACAO Playbooks 102: Building Workflows
Tutorials Cacao November 28, 2022
In this post I will show you how workflows inside a playbook can be created so you can start to construct your own.
-
CACAO Playbooks 101: Basic Structure
Tutorials Cacao November 14, 2022
In this post I will introduce the basic concepts of OASIS CACAO playbooks and how they can be used.
-
STIX 2.1 104.5: Creating Extension Schemas
Tutorials Stix October 31, 2022
In this post I will show you how I craft STIX schemas for STIX 2.1 Extensions.
-
Writing intelligence reports using GPT-3 (part 3)
Research October 17, 2022
In this post I will experiment with generating rich threat intelligence reports using the knowledge obtained through existing intelligence.
-
More experiments with threat intelligence enrichment using GPT-3 (part 2)
Research October 03, 2022
In this post I will continue where I left off in my last post to try and add additional context to the report with external context.
-
Using GPT-3 to create structured threat intelligence (part 1)
Research September 19, 2022
In this post I will show you some of my early attempts to try and productise what GPT-3 can do to aid the work of Intelligence Analysts.
-
Getting Started with STIX Shifter
Stix September 05, 2022
In this post I will show you how to turn STIX Patterns into common threat detection languages.