Blog
The DOGESEC blog
Mapping CVEs to MITRE ATT&CK
Being able to label CVEs with ATT&CK data allows for rich filtering, e.g. which CVEs use ATT&CK Technique X? Here's how to create those labels in STIX 2.1.
Extending MITRE ATT&CK
Add new objects, edit existing ones or create an entirely new framework. Anything is possible.
A Beginners Guide to TAXII Clients and Servers
Want to consume and/or share cyber threat intelligence easily? TAXII is what you need. Let me show you.
Constructing STIX Indicator Patterns
The STIX 2.1 Indicator SDO specification is flexible enough to allow for a range of detection languages, which means you can share your detection content with tools that understand STIX.
Creating Your Own Custom STIX Objects
Sometimes the default STIX 2.1 objects will not be broad enough for your needs. This post describes how you can extend STIX.
A Quickstart Guide for the STIX 2 Python Library
If you're an intelligence producer, the STIX2 Python library will prove invaluable to you.
Spin Up Your Own TAXII Server in 10 Minutes
We built an open-source TAXII server. This post describes how you can use it to start sharing your threat intelligence. Minimal technical knowledge required.
Understanding the Structure of CVEs and CPEs
DIY June 10, 2024
Our tools require CVEs and CPEs in a STIX format. We have spent a lot of time learning the data NVD provides. This post shows our learning.
A Better Way of Working with RSS and ATOM Feeds
Blog feeds are incredibly useful for security research, but there are many limitations that make working with them tedious. Here is how our team became significantly more efficient using them.
Creating a Cyber Threat Intelligence Knowledgebase Graph
Joining the data held in knowledge bases like MITRE ATT&CK allows for rich classification of cyber threat intelligence. Here is how we do that, so you can too.