OpenCTI - Open Cyber Threat Intelligence Platform

(12,669 views)

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.

The structuration of the data is performed using a knowledge schema based on the STIX2 standards. It has been designed as a modern web application including a GraphQL API and an UX oriented frontend. Also, OpenCTI can be integrated with other tools and applications such as MISP, TheHive, MITRE ATT&CK, etc.

Objective

The goal is to create a comprehensive tool allowing users to capitalize technical (such as TTPs and observables) and non-technical information (such as suggested attribution, victimlogy etc.) while linking each piece of information to its primary source (a report, a MISP event, etc.), with features such as links between each information, first and last seen dates, levels of confidence etc. The tool is able to use the MITRE ATT&CK framework (through a dedicated connector) to help structure the data. The user can also chose to implement its own datasets.

Once data has been capitalized and processed by the analysts within OpenCTI, new relations may be inferred from existing ones to facilitate the understanding and the representation of this information. This allow the user to extract and leverage meaningful knowledge from the raw data.

OpenCTI not only allows imports but also exports of data under different formats (CSV, STIX2 bundles, etc.). Connectorsare currently developped to accelerate interactions between the tool and other platforms.

Documentation and demonstration

If you want to know more on OpenCTI, you can read the documentation on the tool. If you wish to discover how the OpenCTI platform is working, a demonstration instance is available and open to everyone. This instance is reset every night and is based on reference data maintened by the OpenCTI developers.

Releases download

The releases are available on the Github releases page. You can also access to the rolling release package generated from the mater branch of the repository.

Installation

All you need to install the OpenCTI platform can be found in the official documentation. For installation, you can:

Contributing

Code of Conduct

OpenCTI has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.

Contributing Guide

Read our contributing guide to learn about our development process, how to propose bugfixes and improvements, and how to build and test your changes to OpenCTI.

Beginner friendly issues

To help you get you familiar with our contribution process, we have a list of beginner friendly issues which are fairly easy to implement. This is a great place to get started.

Development

If you want to actively help OpenCTI, we created a dedicated documentation about the deployment of a development environement and how to start the source code modification.

Community

Status & bugs

Currently OpenCTI is under heavy development, if you wish to report bugs or ask for new features, you can directly use the Github issues module.

Discussion

If you need support or you wish to engage a discussion about the OpenCTI platform, feel free to join us on our Slack channel. You can also send us an email to [email protected].


About

OpenCTI is a product powered by the collaboration of the French national cybersecurity agency (ANSSI), the CERT-EUand the Luatix non-profit organization. More: https://github.com/OpenCTI-Platform/opencti

August 9, 2022
Subscribe
Notify of
guest
5 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Charles Charles
6 months ago

A very big thanks to kelvinethicalhacker at gmail com for the great the work you done for me, i got the email address on the net web when i needed to hack my husband cell phone he helped me within few hours with whatsApp hacking and GPS location tracking direct from my person phone i know how my husband walks, thanks for the helped you do for me for every grateful for your helped, you can contact him through gmail via kelvinethicalhacker at gmail.com or Telegram, calls, text, number +1(341)465-4599, if you are in needed of hacking services, contact him..

Lizzy Agnes
8 months ago

A great hacker is really worthy of good recommendation , Henry
really help to get all the evidence i needed against my husband and
and i was able to confront him with this details from this great hacker
to get an amazing service done with the help ,he is good with what he does and the charges are affordable, I think all I owe him is publicity for a great work done via, Henryclarkethicalhacker at gmail com, and you can text, call him on whatsapp him on +12014305865, or +17736092741, 

Steffen
1 year ago

a lot of links on this site appear to be dead, especially those in the “installation” section…

Agata Staszelis
Admin
1 year ago
Reply to  Steffen

Hi! It seems that a couple of days ago there was an update. That might be the reason why some links don’t work. You can use the GitHub page for this tool for more information. Good luck! https://github.com/OpenCTI-Platform/opencti

fabian
1 year ago

Hola de pronto puedo conseguir casos prácticos de implementación con otras plataformas o herramientas con OPENCTI?

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.