opencti
opencti copied to clipboard
OpenCTI-Platform
Open Cyber Threat Intelligence Platform
## Use case Implementing an ssdeep / fuzzy hashes parameter for the File object would allow analysts to link File observables that are not exactly the same , but extremely...
Hi All just wondering if you have any documentation around a TAXII connector for OpenCTI and integration against MS Sentinel for the life of me I cant find any documentation...
## Description ## Environment 1. Ubuntu 18.04 2. OpenCTI 5.3.7 3. OpenCTI client: frontend 4. Other environment details: ## Reproducible Steps Steps to create the smallest reproducible scenario: 1. Untar...
## Use case When Working as a part of a team, it would be beneficial to be able to see what each user has done. If i can export history...
CTI was running good, but after some time, dashboard numbers stopped at some stage (added alien vault for now) upon inquiry I am seeing these logs for Alien Vault Attached...
## Description We’ve just upgraded from 5.1.4 -> 5.2.4 -> 5.3.7 and found an issue with taxii2. We can successfully do ``` GET /taxii2/root/collections /taxii2/root/collections/:id /taxii2/root/collections/:id/manifest ``` and using an...
## Use case It might be useful to export, or view all file observables related to a specific Entity, such as the Conti Intrusion Set. This goes for any type...
## Description With our LastInfoSec connector, the malware information on the platform not updating from our tactic feed. As a reminder, we reported and exchanged with Samuel on a similar...
## Use case There are few cases where we link entities (intrusionSet, Malware, Tools ...etc) incorrectly with different other entities. Upon deleting the main entity, all linked relations should be...
## Use case In the Knowledge graph, relationship types are denoted with small text that is inline with the relationship line. In the Investigations view, relationships types are their own...
Metadata
Owner
Metadata
Open Cyber Threat Intelligence Platform