Cosmo CTI
Bringing order to Cyber Operations

A cyber threat intelligence platform built with the cyber planner in mind.
  • Scripted a NodeJS parser and cron job to transform Apache logs into STIX 2 bundles for import.
  • Extended the OpenCTI platform with a custom Python connector for filtering and importing log data as Indicators, Observations, and Sightings.
  • Built React components to ease batch importing with predefined tags and expose searchable data tables of imported data using GraphQL.
  • Wrote custom enrichment connectors to categorize and group log data as Campaigns.
  • Currently building out analysis tools to categorize log data as Attack Patterns and to identify Threat Actors through various inference engine rules.

Started: 2021-03-01

Launched/Lasted: 2021-12-31

Technologies: ReactJS, GraphQL, Elasticsearch, Redis, RabbitMQ, MinIO, Docker, Google Cloud Platform, Python, NodeJS

Industries: Cyber Security

Team: E.A.Taylor: Front-End, Back-End. Ray Allen: Product Development. Joseph Anderson: Business Development.

Companies/Brands: Cypher LLC, UTRS