Receive occasional news and new articles from Cosive.

Thanks for subscribing to our newsletter
Oops! Something went wrong
Chris Horsley
Chris Horsley
Co-founder & CTO
February 21, 2024

Visualising APT threat actor and tool commonalities

How can we visualise intel about tool use between threat actors using a vis.js network visualisation? Let's add a circular twist.

Tash Postolovski
Tash Postolovski
Technical Marketing Manager
Chris Horsley
Chris Horsley
Co-founder & CTO
February 21, 2024

Episode #008: Getting Started with Cyber Threat Intelligence (CTI) with Chris Horsley

Can one analyst with zero budget start a Cyber Threat Intelligence (CTI) program?Yes! In fact, you may already have started a small threat intelligence program without even realising it.In this interview with Cosive CTO and renowned CTI expert Chris Horsley we delve into the following questions on how analysts and teams can start a threat intelligence practice with limited resources.

Chris Horsley
Chris Horsley
Co-founder & CTO
Terry MacDonald
Terry MacDonald
Co-founder & COO
February 21, 2024

Announcing Leadership Changes at Cosive: Farewell to Kayne Naughton and Welcome Scott Ceely

We wanted to take a moment today to update our community of past and present customers, as well as our professional and personal networks, of recent changes to the Cosive board.

David K.
David K.
Security Consultant
February 21, 2024

Getting More Out of MISP and Microsoft Sentinel

Typically, SecOps analysts will have many daily routines, one of which will be to check their favourite Threat Intelligence Platforms, read the latest threats and note down any that are worthy of attention. Next, they’ll add those threats to the their central log analysis and alerting platform (e.g. Microsoft Sentinel) as something to look for. Depending on how many feeds analysts are watching and how active the bad actors are, this can be a very time consuming process. Granted, an important one, but still time consuming. Wouldn't it be nice if we could save the planet one tree at a time by doing away with all the post-it notes with one-off IP addresses and domain names? Could we get MISP and Microsoft Sentinel to talk directly without wasting analyst time?

David K.
David K.
Security Consultant
February 26, 2024

A Tale of Two Systems: How We Integrated MISP with AssemblyLine

MISP has a lot of strengths, but it’s not a malware analysis service in its own right. It does deal with file hashes day in and day out, though. While you can add malicious file samples to MISP, we advise against it to make sure analysts don’t make mistakes and practise good network hygiene. So, we wanted to add another screwdriver to MISP’s toolbox.