cti-cmm / framework
A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry Needs, developed by those in trenches.
☆19Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for framework
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆56Updated 2 months ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- CSIRT Jump Bag☆27Updated 7 months ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- My Jupyter Notebooks☆36Updated 7 months ago
- A home for detection content developed by the delivr.to team☆59Updated last week
- Cyber Threats Detection Rules☆13Updated 2 months ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆52Updated last month
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…☆50Updated 2 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆56Updated last week
- Quick script to build host or investigation timelines using Carbon Black Response☆12Updated 6 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆31Updated 2 years ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆18Updated last year
- Converting data from services like Censys and Shodan to a common data model☆48Updated 2 months ago
- Hunt malware with Volatility☆47Updated 6 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆115Updated 11 months ago
- Python library for threat intelligence☆80Updated 4 months ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- Cyber Underground General Intelligence Requirements☆89Updated 9 months ago
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.☆38Updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 8 months ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Updated 3 years ago
- ☆46Updated 2 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 3 weeks ago