Intel-grapher

[This blog is based on my new project, located here: https://github.com/planglois925/intel-grapher] While relationships are often complex, there's sometimes a lot of value that you can get from deeply examining relations in a standardized fashion. A relative newcomer in the database world, graph databases, allow just that through a flexible means of capturing and describing relationships …

A Case for Standardizing Tooling Capabilities Language

For the defenders supporting and protecting networks, the deluge of data, alerts, best practices, notices and regulations can overwhelm even the hardiest of us. Fortunately for the defenders, the tools they use have evolved in maturity, functionality and interoperability. However, understanding the specific capability of the tools and how they help you achieve certain regulations …

Leveraging Social Media for Operational Threat Intelligence. Part Deux

Implementing Further Filtering. This is part 2 of my series; the first part can be read here: Leveraging Social Media for Operational Threat Intelligence. Now that you have the ability to connect to Twitter and directly pull down tweets, we want to start building out the functionality that will identify which of these tweets are the most …

Leveraging Social Media for Operational Threat Intelligence pt 1

For many organizations, social media monitoring is a key component of being able to detect specific threats from cyber threat actors. While some nation states and terrorist groups will leverage social media as part of their larger strategic efforts to influence populations, recruit followers and create C2 infrastructure, hacktivists and other cyber criminals will often …