Comments (3)
It's not clear to me what the original intent of Cortex Connector feature request would be, but it occurs to me that a useful -and possibly easier to build- approach would be to simply do the following:
- Pull the IOCs that have been researched by a Cortex user (i.e. those items that have been enriched using Cortex)
- Update the History section of the IOC entity in OpenCTI with this info (e.g. CortexOrg1 investigated this observable on 2021-02-12)
- Optional: pull in the data retrieved by Cortex.
Knowing that someone in your org has researched an IOC is pretty powerful knowledge, and this may be an easy way to incorporate that.
from connectors.
Hi,
I think this idea is also well.
But I think the original intention from @SamuelHassine was to use cortex to enrich the information in opencti.
kind regards
from connectors.
Indeed it was @8ear. For the moment we've decided to not create this connector. CORTEX Analyzer will be available in the next major release of CORTEX.
from connectors.
Related Issues (20)
- Patch ID generation RiskIQ
- Error when ingesting a File object with a too big integer in the size field HOT 1
- CUCKOO_API_TOKEN variable is missing in connectors/external-import/cuckoo/docker-compose.yml HOT 1
- GreyNoise Feed connector environment variables not properly ingested HOT 2
- Develop hudsonrock enrichment connector
- Malware Bazar Connector Error HOT 2
- [Export CSV] Relationships export with filter exports more than required HOT 2
- Error when trying to export without order by
- Using a Python remote debugger for docker-compose local development HOT 1
- Qradar-Connector Deprecated API HOT 3
- [import/export] Error when importing text files or PDFs
- [Malpedia] ERROR: User effective max confidence level is insufficient to update this element HOT 6
- Stream Connector goes to "Inactive" status, does not "StreamAlive" HOT 2
- [Export CSV] Export both FROM NAME and TO NAME
- External reference not (re)created when using bundle and OpenCTIStix2.put_attribute_in_extension HOT 1
- Add new sources to Recorded Future external-import HOT 1
- Add additional debugging statements to the Recorded Future connectors
- [Import] Validating a workbench within a report can import a random file into it. HOT 5
- MISP AUTH Key variable appears to be missing for the misp-feed connector HOT 2
- Virus Total connector fails to enrich observables with an empty score HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from connectors.