securitiz
securitiz
## Use case Given a set number of reports that have observables / objects we care about, it would be useful to export the data contained in those reports at...
## Use case It is useful to see if a list of IOCs have been observed in OpenCTI, and if so, in which Reports ## Current Workaround Search every observable...
## Use case After performing an investigation query (which is currently graphic), it is useful to be able to summarize the data and export it. For example, most common malware...
## Use case It would be useful to search for subnets ## Current Workaround Multiple manual searches ## Proposed Solution Make IP searchable via CIDR notation ## Additional Information ##...
## Use case Some organization carefully curate which labels are used within the environment, so they are as meaningful as possible. The ability to control which if a connector creates...
## Description There are several clues to suggest that not all correlated objects (and their reports) are being represented in the Correlation view. First: often times, the "Related Reports" section...
## Description It is not possible to create a relationship that denotes that File -> _sample_ -> Malware However, it is possible to create Malware -> _sample_ -> File. This...
## Use case Functionally for a user, creating a "nested relationship" and "relationship" within the context of the knowledge graph is the same thing - just allows for different types...
## Use case Based on my research in STIX 2.1 specs, there is no functional difference between the "linked to" nested relationship and "relates to". The only difference appears to...
## Use case It's very useful to be able to look at the MITRE kill chain to know what attack patterns to add. This feature already exists in other contexts...