In this post I will explain the difference between UUID versions and which versions are best suited to different scenarios when modelling threat intelligence.
Blog
The Signals Corps blog
-
STIX 2.1 109: Choosing a UUID version to generate STIX Object IDs
Tutorials Stix December 12, 2022
-
STIX 2.1 104.5: Creating Extension Schemas
Tutorials Stix October 17, 2022
In this post I will show you how I craft STIX schemas for STIX 2.1 Extensions.
-
Getting Started with STIX Shifter
Stix September 05, 2022
In this post I will show you how to turn STIX Patterns into common threat detection languages.
-
STIX 2.1 108: Storing Objects in a Graph Database
Stix September 06, 2021
In this post I will show you how Signals Corps products use ArangoDB to store STIX 2.1 Objects.
-
STIX 2.1 107: Tooling
Tutorials Stix August 23, 2021
In this post I will introduce you to a few tools that will help you create and manage STIX 2.1 content.
-
STIX 2.1 106: Bundling
Tutorials Stix August 09, 2021
In this post I will show you how to package your STIX Objects so that they can be shared with others and integrated with other software.
-
STIX 2.1 105: Versioning
In this post I will show you some best practices for modifying STIX Objects by implementing proper versioning.
-
STIX 2.1 104: Customisation
In this post I will talk about customising STIX Objects when the predefined specification does not meet the needs of a data creators.
-
STIX 2.1 103: Patterns
In this post I will deconstruct STIX Patterns and demonstrate how to write effective detection rules (aka patterns).
-
STIX 2.1 102: Relationships
In this post I will talk about how STIX 2.1 Objects can be connected to build a complete picture of a threat.
-
STIX 2.1 101: Objects
In this post I will introduce some of the basic STIX concepts with a focus on STIX 2.1 Domain Objects (SDOs).