Cosive Blog

February 21, 2024

Episode #004: How ChatGPT Could Transform the CTI Analyst Role with Chris Horsley

Cosive CTO Chris Horsley conducted early experiments using ChatGPT to help assign ATT&CK IDs to threat intelligence reports. While the tool won’t replace an experienced analyst as of today, it will likely change the way we do this kind of work.

Chris Horsley

Chief Technology Officer

Tash Postolovski

Technical Marketing Manager

February 21, 2024

7 MISP Best Practices: Lessons from Effective Threat Intel Teams

MISP is a powerful open source threat intelligence and sharing platform used by countless SOC teams around the world. Getting a barebones MISP instance up and running is well within the skill-set of most SOC teams. Download MISP, run it on a VM, and log in to the MISP admin console using default credentials… all within about 10 minutes. That part is easy. Now for the hard part: how do you get from a barebones MISP install to actually using MISP to solve real-world cybersecurity problems? Making that leap can be much more complex and challenging than it may seem on the surface.

Chris Horsley

Chief Technology Officer

February 21, 2024

ATT&CKing with OpenAI’s ChatGPT

We try out some exciting early experiments using ChatGPT for helping us assign ATT&CK IDs to threat intelligence reports. While it’s not going to replace an experienced analyst as of today, it will likely change the way we do this kind of work.

James Cooper

Security Developer

Tash Postolovski

Technical Marketing Manager

February 21, 2024

Episode #003: Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper

Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus.As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet.While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are multiple practical steps you can take to catch or mitigate the problem.

James Cooper

Security Developer

February 21, 2024

Securing REST API Endpoints (or 15 Steps to Avoid Another Optus)

Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus. At Cosive, we work with organisations every day to prevent data breaches like this from happening. Here, we share 15 actionable steps that organisations to secure their API endpoints and “avoid another Optus”.

Our blog

Using the CTI-CMM Model to Evaluate Threat Intel Program Maturity

Using MISP Bookmarks with Workflows for Team Coordination

Our blog

Using the CTI-CMM Model to Evaluate Threat Intel Program Maturity

Using MISP Bookmarks with Workflows for Team Coordination

Join our newsletter

Episode #004: How ChatGPT Could Transform the CTI Analyst Role with Chris Horsley

7 MISP Best Practices: Lessons from Effective Threat Intel Teams

ATT&CKing with OpenAI’s ChatGPT

Episode #003: Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper

Securing REST API Endpoints (or 15 Steps to Avoid Another Optus)