OpenCTI - Open Cyber Threat Intelligence Platform

Aug 9, 2022

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.

The structuration of the data is performed using a knowledge schema based on the STIX2 standards. It has been designed as a modern web application including a GraphQL API and an UX oriented frontend. Also, OpenCTI can be integrated with other tools and applications such as MISP, TheHive, MITRE ATT&CK, etc.

Objective

The goal is to create a comprehensive tool allowing users to capitalize technical (such as TTPs and observables) and non-technical information (such as suggested attribution, victimlogy etc.) while linking each piece of information to its primary source (a report, a MISP event, etc.), with features such as links between each information, first and last seen dates, levels of confidence etc. The tool is able to use the MITRE ATT&CK framework (through a dedicated connector) to help structure the data. The user can also chose to implement its own datasets.

Once data has been capitalized and....

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

2 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Steffen
2 years ago

a lot of links on this site appear to be dead, especially those in the “installation” section…

Agata Staszelis
Admin
1 year ago
Reply to  Steffen

Hi! It seems that a couple of days ago there was an update. That might be the reason why some links don’t work. You can use the GitHub page for this tool for more information. Good luck! https://github.com/OpenCTI-Platform/opencti

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023