Atomic Threat Coverage

74 posts

@atc_project

Actionable analytics designed to combat threats

Worldwide
Joined February 2019
1.2K Following, 2.2K Followers
Atomic Threat Coverage retweeted
OSCD (@oscd_initiative)
We stand with Ukraine and its people at this difficult time. Russian invasion, supported by Belarus, must stop. We condemn the actions of aggressor countries' leadership, not the people who live there. The initiative will stay open for everyone, regardless of nationality.
Atomic Threat Coverage retweeted
tuckner (@tuckner)
Similar to using Notion previously, extended @atc_project's RE&CT, which generates @Confluence pages for security response actions, with the name of the runbook that @tines_io should use to remediate alerts. Documentation that directly improves #cybersecurity outcomes.
tuckner (@tuckner)

Excited for @NotionHQ's potential use with cybersecurity teams. It provides a beautiful interface for documenting processes that, through the new @NotionAPI, can effectively be used to drive remediation automations using page property metadata (using @tines_io).

Grepton (@ReptonSec)
@atc_project @cyb3rops Is ATC the only project organising and structuring Sigma rule detections, dependencies & playbooks etc? I don't see anyone else doing it and the ATC project seems quiet
Atomic Threat Coverage retweeted
Thomas Patzke (@blubbfiction)
Just merged the huge @oscd_initiative pull request into the Sigma master branch. Lots of new and improved rules. Big thanks to all contributors, it was a pleasure to review!
Atomic Threat Coverage retweeted
OSCD (@oscd_initiative)
The @OTR_Community supported @oscd_initiative adding 38 Detection Rules (previously developed at their APT29 Hackathon and Threat @HunterPlaybook) to the @sigma_hq repository during the sprint! This way, the common initial outcome of the 2nd sprint for the Sigma ruleset is:
Atomic Threat Coverage retweeted
OSCD (@oscd_initiative)
The second OSCD sprint has officially ended! Thanks to all contributors! Great job! We will finalize WIP PRs and summarize the results in the upcoming weeks. The initial summary will be delivered this Friday at the Sixth EU ATT&CK Community Workshop: attack-community.org/event/
Atomic Threat Coverage retweeted
OSCD (@oscd_initiative)
The sprint starts tomorrow! Please keep in mind that you need to create one Pull Request per analytic (@sigma_hq rule or Atomic test). Use the How-To as a reference for the rest of the workflow specifics: oscd.community/sprints/sprint… See you in GitHub comments!
OSCD (@oscd_initiative)

The next Sprint starts on October 5! We will focus on Simulation, Detection & Response: develop @redcanaryco #AtomicRedTeam tests, @sigma_hq Rules, and @TheHive_Project Responders; improving their coverage of @MITREattack and @atc_project RE&CT frameworks oscd.community/sprints/sprint…
