Cosmo
Bringing order to Cyber Operations
A cyber threat intelligence platform built with the cyber planner in mind.
- Rebuilt OpenCTI interface to follow streamlined workflow to control ingestion, triage alerts and fine-tune ML engine analysis
- Wrote all parsers for transforming emails and various log formats into appropriate STIX2 objects
- Built ingestion system to support custom configurations and toggle persistent storage of Observables while preserving analysis and prediction with or without historical data
- Wrote test cases and a reproducible pen test with ZAP Security Scanner to validate performance, processing and predictions
- Used STIX2 ANTLR4 grammar for pattern matching log data with existing Indicators of Compromise
- Leveraged inference engine settings to automate indirect relationships between different STIX objects