the dogesec blog
much post. so knowledge. many intel. very subscribe. wow.
Enriching Vulnerabilities to Create an Intelligence Graph
analysts developers October 14, 2024
We do a lot of research into vulnerabilities. To aid this, we enrich CVEs using many remote sources of intelligence. Here is a walk-through showing how we connect CVEs to EPSS scores, CISA KEVs, MITRE ATT&CK, CWEs, and CAPECs.
Writing Detection Rules to Identify if Products in my Stack are Vulnerable
developers September 16, 2024
Building on last week's post, I show you how to construct STIX Patterns to automatically flag which products are affected by published CVEs.
How Known Affected Software Configurations on the CVE Website are Constructed
analysts August 12, 2024
I wanted to write detection rules to identify what products are vulnerable to a CVE. In this post I walk you through my research.
PSA: MITRE ATT&CK is More Than Tactics and Techniques
analysts developers July 15, 2024
Software, Data Sources, Data Components, Campaigns, and more, make MITRE ATT&CK even more powerful than you might first realise. In this post I uncover the parts of ATT&CK you might not be aware of.
Fortifying AI: How MITRE ATLAS Shields Artificial Intelligence from Adversarial Threats
analysts June 17, 2024
Discover how MITRE ATLAS is helping to defend AI systems as I share a detailed explanation of how the knowledge-base is architected.
Fighting Disinformation: Classifying Your Research Using Standardised Disinformation Tactics and Techniques
developers May 13, 2024
Our intel team is increasingly using the DISARM framework to classify parts of our research as disinformation campaigns continue to increase. In this post I will introduce the DISARM data structure.
The Problems with Modelling Countries as STIX Objects (and How to Fix Them)
developers April 15, 2024
Take the list of recognised countries and regions. Create STIX objects for them. Make them available to everyone so that the CTI world has a single way of representing them.
How CTI Butler Creates a Threat Intelligence Graph of Common Frameworks
analysts products March 11, 2024
CTI Butler links many common knowledge bases, for example linking MITRE ATT&CK to CAPEC objects, to improve the context of our research. This post describes the logic CTI Butler employs behind the scenes to do this.
CTI Developers: We Built an API for MITRE ATT&CK, CWE, CAPEC, ATLAS... and more!
analysts developers products February 12, 2024
Here is a quick-start guide to CTI Butler showing you how much easier it makes working with these frameworks.
Getting Started with the MITRE ATT&CK Navigator
analyst tutorial January 15, 2024
The MITRE ATT&CK Navigator is a very useful tool to explore MITRE ATT&CK (and other similar frameworks). In this post I take a look at what you can do with Navigator and how it works under the hood so that you can use it to model your own ATT&CK-like frameworks.