damians-filigran

Results 9 comments of damians-filigran

From another user: There is a need for intelligent fuzzy matching of threat actor names to help with housekeeping and deduplication. For example, matching variations like "BlackBasta" and "Black...

This is an interesting one. A couple of reasons for having automatic case numbering are to:

* Create a unique title that an analyst can easily discern on a table...

Also, a larger screenshot (e.g. knowledge graph) will be completely missing from the PDF export.

Original HTML:

![image](https://github.com/user-attachments/assets/b9605a19-ab70-4d7a-a5a7-4dd5b38d6e37)

PDF contents:

![image](https://github.com/user-attachments/assets/ca5d320d-904a-401f-8824-4f9a305a9a5e)

Just adding to this, as I came across the same requirement. I see that NVD publish the CVE stream, the CPE stream, both separately, and _then_ the CPE_match stream, which...

I also see [dogesec do this](https://github.com/muchdogesec/cve2stix/tree/main/cve2stix) in their CVE2STIX parser

Some other Indicators have also been found missing as imported entities, compared to the original CSA report:

- Indicators (Personas)
- Indicators (IP Addresses)
- Indicators (SHA256 hashes) [e.g. CSA-230966, CSA-210776,...

Adding to this, there can be a confidentiality requirement to this filtering requirement. If every incident is sent from Defender to OpenCTI, this could include events that are restricted to...

Edit: It does work, creating the relationship with coverage = 0 Empty. It just took some time to persist on that platform. Leaving this open for now for PM to...

This was on Testing.octi, importing the STIX TTP export file as we were discussing on Teams.