I pitch OpenAI, Anthropic and Google against each other to see which one best understands MITRE ATT&CK

Obstracts is the blog feed reader used by the worlds most targetted cyber-security teams. Let me show you why.

Your handy guide to streamlining upgrades of MITRE ATT&CK by comparing the changes made between releases.

Despite countless frameworks, best practices, blog posts... so many developers still hardcode credentials into their code.

Here's an easy way to search and filter data in various CTI frameworks including; MITRE ATT&CK, MITRE CWE, MITRE CAPEC, MITRE ATLAS, DISARM, and more!

A short lesson in why building a product with a single point of failure is bad (duh!), and our hunt for a Wayback Machine alternative.

The NVD are still struggling to keep up with the backlog of CVEs to be analysed. With 26,876 added since February, it is no surprise.

The CVE List was launched in September 1999, listing 321 CVE records. 25 years later there are 265,767 CVE records.

Create new ATT&CK objects. Update existing objects. Matrices, techniques, tactics, mitigations, groups, and software can all be created and edited.

We built an open-source TAXII server, Arango TAXII Server. Here are some examples of how you can consume data from it using a TAXII Client.