RE&CT framework released!
A knowledge base of actionable Incident Response techniques, based on @MITREattack philosophy.
Mapping to ATT&CK / AMITT, export to @TheHive_Project templates, visualization in the Navigator, and more!
https://t.co/RTHfhqCgi1
#incidentresponse#dfir
We stand with Ukraine and its people at this difficult time.
Russian invasion, supported by Belarus, must stop.
We condemn the actions of aggressors countries' leadership, not the people who live there.
The initiative will stay open for everyone, regardless nationality.
OSCD: Simulation, Detection & Response Sprint #2 Summary has been published.
Thanks to all the participants and those who helped with it!
Stay tuned!
#ThreatIntel#ThreatHunting#ThreatDetection#BlueTeam
Links:
[EN] https://t.co/m8FAzj2X0D
[RU] https://t.co/jR9t3O2omH
Similar to using Notion previously, extended @atc_project's RE&CT, which generates @Confluence pages for security response actions, with the name of the runbook that @tines_io should use to remediate alerts. Documentation that directly improves #cybersecurity outcomes.
Just merged the huge @oscd_initiative pull request into the Sigma master branch. Lots of new and improved rules.
Big thanks to all contributors, it was a pleasure to review!
Slides of the CyCAT project - Lightning Talk given by @_saadk and @adulau are available. If you want to have an overview of the project, please have a look. We welcome feedback and ideas. #cybersecurity
https://t.co/S2ani132xD
@DCSecuritydk thanks for kind feedback! we are still working on @oscd_initiative stuff, but at the same time a few updates regarding atc-data and further re&ct improvements are coming (:
here is a way to show your support and send kudos to all hard workers that contributed to @sigma_hq, @redcanary Atomic Red Team, and @TheHive_Project projects during the OSCD sprints! subscribe and share the list:
https://t.co/Sh98T6LT9d
#EUATTACKworkshop
The @OTR_Community supported @oscd_initiative adding 38 Detection Rules (previously developed at their APT29 Hackathon and Threat @HunterPlaybook) to the @sigma_hq repository during the sprint!
This way, the common initial outcome of the 2nd sprint for the Sigma ruleset is:
The second OSCD sprint is officially ended!
Thanks to all contributors! Great job!
We will finalize WIP PRs and summarize the results in the upcoming weeks. The initial summary will be delivered this Friday at the Sixth EU ATT&CK Community Workshop:
https://t.co/vRyH0EIlkk
The sprint starts tomorrow!
Please keep in mind that you need to create one Pull Request per analytic (@sigma_hq rule or Atomic test). Use the How-To as a reference for the rest of the workflow specifics:
https://t.co/4oHWOGaXjr
See you in GitHub comments!
RE&CT framework released!
A knowledge base of actionable Incident Response techniques, based on @MITREattack philosophy.
Mapping to ATT&CK / AMITT, export to @TheHive_Project templates, visualization in the Navigator, and more!
https://t.co/RTHfhqCgi1
#incidentresponse#dfir
Call for contributions to incident response techniques in ICS for RE&CT framework @yugoslavskiy@atc_project / a knowledge base of actionable Incident Response techniques, based on @MITREattack philosophy
https://t.co/cmheQYSE2j
RE&CT framework released!
A knowledge base of actionable Incident Response techniques, based on @MITREattack philosophy.
Mapping to ATT&CK / AMITT, export to @TheHive_Project templates, visualization in the Navigator, and more!
https://t.co/RTHfhqCgi1
#incidentresponse#dfir