February 21, 2024

The Opportunity Cost of Self-hosting MISP

A term with origins in macroeconomics, opportunity cost is the hidden cost of choosing one course of action over another, when both cannot be chosen at the same time. Opportunity costs are not always financial. For example, the opportunity cost of playing video games instead of going for a hike is the benefits you’d likely have gained from hiking, such as improved fitness and mental health. Security teams also incur opportunity costs whenever they pick one way to spend their time and resources over another. The opportunity cost of self-hosting and maintaining MISP is the additional time and brainpower teams could have otherwise spent gathering and leveraging usable threat intelligence and enhancing their organisation’s security posture.

February 26, 2024

Assemblyline 4 Services: A Guided Tour

Assemblyline 4 is a popular open-source private malware repository. Arguably the most powerful feature of Assemblyline 4 is the capability to chain services together for comprehensive and highly customisable artifact triage and analysis. Each Assemblyline service performs a specific function (similar to the “microservices” pattern often used in software architecture). These services can be chained together to process files, extract relevant information, and evaluate potential threats. In this guide, we’ll dive into Assemblyline’s most useful managed (built-in) services you can incorporate into your analysis workflows.

February 26, 2024

The Rise in Unique Malware & How to Defend Against It

While commodity malware is designed for general use against a broad range of targets, unique malware is designed for specific, targeted attacks against an organisation, facility, or individual. Unfortunately, the use of unique malware appears to be on the rise, with the latest BlackBerry Quarterly Global Threat Intelligence Report white paper showing a 70% increase in unique malware samples associated with attacks against BlackBerry Cybersecurity customers. In this article, we’ll explore the threat of unique malware and the steps organisations are taking to fight it with the help of tools like Cosive’s MalwareZoo, which is purpose-built to privately store and analyse sensitive, targeted malware.

February 21, 2024

Just How Big Does MISP Data Get, Anyway? We Ran the Numbers

Here at Cosive, we’ve both used and written a fair number of integrations and transformers for MISP events and data. A classic problem is MISP data processing scripts which end up falling over or taking forever to run because they didn’t necessarily expect as much data as they ended up receiving. How robust do our MISP data processing scripts and pipelines need to be to handle the extremes of MISP data volumes?

February 21, 2024

Cosive's 2023 Year in Review

A brief look back on what we achieved in 2023, including two major industry trends and some personal and professional highlights from four Cosive team members.