In this post I will show you the architecture of the hosted version of cve2stix.
The Signals Corps blog
Building cve2stix: Architecting as a cloud first service (part 6)
Products March 20, 2023
Building cve2stix: Designing the API (part 5)
Products March 06, 2023
In this post I will show you the design decisions that went into building the cve2stix API (and why I didn’t choose TAXII).
Building cve2stix: Enriching NVD CVE data (part 4)
Products February 20, 2023
In this post I will show you how cve2stix enriches CVEs to provide additional context to each vulnerability.
Building cve2stix: Modelling NVD Data as STIX 2.1 Objects (part 3)
Products February 06, 2023
In this post I will show you how to use STIX 2.1 SDOs, SCOs, and SROs to standardised the way vulnerabilities are represented.
Building cve2stix: CPE and CVEs matching (part 2)
Products January 23, 2023
In this post I will show you how to analyse CPE combinations reported in CVEs to identify vulnerable products.
Building cve2stix: CPEs, CVEs, and the NVD APIs (part 1)
Products January 09, 2023
In this post I will introduce the important concepts of CVEs and CPEs and explain how to work with them using the NVD API.
file2stix + RSS = Structured Threat Intelligence from blog posts
Products October 03, 2022
In this post I will show you how file2stix can be used to process RSS feeds, including dealing with partial feeds and historic posts.
Building file2stix: Parse unstructured text into STIX 2.1 Objects
Products September 19, 2022
In this post I will describe some of the problems I wanted to solve building file2stix, the research that went into it, and a few tips to get up and running with the tool.