Blog
The DOGESEC blog
-
Extending MITRE ATT&CK
TUTORIAL September 23, 2024
Create new ATT&CK objects. Update existing objects. Matrices, techniques, tactics, mitigations, groups, and software can all be created and edited. -
Using STIX Objects to Make Vulnerability Prioritisation Easy (and Free)
TUTORIAL September 02, 2024
Follow along as I show you how to store 200,000 CVEs as STIX objects, then use CVSS, EPSS, CISA KEV and CPE data to search and filter them. -
Writing Detection Rules to Identify if Products in my Stack are Vulnerable
TUTORIAL August 12, 2024
Developing on last weeks post, I show you how to construct STIX Patterns to automatically flag which products are affected by published CVEs. -
How Known Affected Software Configorations on the CVE Website are Constructed
TUTORIAL August 05, 2024
I wanted to write detection rules to identify what products are vulnerable to a CVE. In this post I walk you through my research. -
Constructing STIX Indicator Patterns to Write Detection Rules
TUTORIAL July 01, 2024
The STIX 2.1 Indicator SDO specification is flexible enough to allow for a range of detection languages. In this post I will show you how to use the STIX pattern language to write detections using cyber threat intelligence data. -
Creating Custom STIX Objects for Cyber Threat Intelligence
TUTORIAL June 24, 2024
Sometimes the default STIX 2.1 objects will not be broad enough for your needs. This post describes how you can extend the STIX specification when required. -
STIX 2.1 support for TLPv2
TUTORIAL June 18, 2024
A short post with code examples that show how to use TLPv2 with STIX 2.1. -
A Quick Start Guide to Generate STIX 2.1 Structured Threat Intelligence
TUTORIAL June 17, 2024
A post full of code examples that will give you everything you need to start creating STIX objects to make it simple to share your threat research. -
A Beginners Guide to Creating Threat Intelligence using STIX 2.1 Objects
TUTORIAL June 10, 2024
STIX 2.1 allows you to tell stories by connecting objects together to form the story-line of cyber actors, campaigns, incidents, and much more. In this post I explain how.