Obstracts is the blog feed reader used by the world's most targeted cyber-security teams. Let me show you why.| dogesec
RSS and ATOM feeds are problematic (for our use-cases) for two reasons: 1) they lack history, and 2) they contain limited post content. We built some open-source software to fix that.
Many attacks are described using free text: this happens, then this, then this. Detection rules, by contrast, provide a structured way to represent these descriptions with actionable content. Attack Flows are the perfect vehicle to combine the two approaches.
MITRE ATT&CK techniques are useful, but they don't capture the sequence of an attack. Enter Attack Flows.
Learn how to seamlessly convert Sigma Rules into queries for your SIEM. Follow along with real examples.
Correlation Rules allow you to detect threats by linking multiple events together based on a meaningful relationship.
Sigma Rules are becoming more widely adopted as the standard detection language. Learning how to write them is not difficult. Let me show you.
Learn how to turn threat intelligence into actionable detection rules. Learn how to build behavioral detection using STIX Patterns, and link sightings to evidence.
Discover how MITRE ATLAS is helping to defend AI systems as I share a detailed explanation of how the knowledge-base is architected.
Sometimes the default STIX 2.1 objects will not be broad enough for your needs. This post describes how you can extend the STIX specification when required.
STIX 2.1 allows you to tell stories by connecting objects together to form the story-line of cyber actors, campaigns, incidents, and much more. In this post I explain how.
Here is a quick-start guide to CTI Butler showing you how much easier it makes working with these frameworks.
Despite countless frameworks, best practices, blog posts... so many developers still hardcode credentials into their code.
Follow along as I show you how to store 200,000 CVEs as STIX objects, then use CVSS, EPSS, CISA KEV and CPE data to search and filter them.
Turn card numbers into STIX 2.1 objects. Enrich the data with issuer information. Track transactions made by the card. Then link the cards and transactions to other STIX objects in your research (Actors, Incidents, etc.).
I recently conducted a project to identify the most prolific ransomware based on the ransom payments being made. Let me walk you through how I did it.
Take the list of recognised countries and regions. Create STIX objects for them. Make them available to everyone so that the CTI world has a single way of representing them.