Coleman Kane
I've been following the x64dbg project for a while, and I probably will migrate the course to it after a stable release version is established. Right now the project appears under...
I would also add to this Crypto wallet identifiers
There are a whole lot of sources that already publish data in a format that MISP understands, particularly a simple JSON schema that's unique to MISP, as well as hosted...
I have been able to do it, both on my local system using docker for both (https://github.com/MISP/misp-docker, https://github.com/OpenCTI-Platform/docker) as well as on AWS using updates I made to a terraform-script...
One piece of advice I would propose is that SVR, FSB, and GRU are not "exclusively cyber" organizations, but rather organizations which employ specific teams (or contract out the work...
The STIX documentation explains this in further (and more abstract) detail https://oasis-open.github.io/cti-documentation/examples/defining-campaign-ta-is
Just referencing the following STIX section, I'd suggest Threat Actors be used for individuals (and perhaps static groups of individuals [or perhaps unidentified ones], but that probably gets confusing or...
My big distinction between Threat Actor and Individuals is that I'd reserve Individuals to be victims/targets/authors, while Threat Actors is an entity that has additional fields to describe "threat type"...
Your proposed usage of threat actor for FSB, GRU, etc... (if I understood correctly) would also match the STIX-defined usage based on https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_k017w16zutw So I don't see this conflicting with...
Yep, this was the point I was making with my last comment too - the entity type can be used for groups/organizations, so choosing to do it this way shouldn't...