Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bulk creation of knowledge around a threat entity #1799

Closed
nicolasleguillou opened this issue Dec 29, 2021 · 1 comment
Closed

Bulk creation of knowledge around a threat entity #1799

nicolasleguillou opened this issue Dec 29, 2021 · 1 comment
Assignees
@SamuelHassine
Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 5.4.0

Comments

@nicolasleguillou
Copy link

Use case

As an analyst, I want to be able to import the knowledge (TTP, IOCs, victimology, arsenal used) I have around a given threat entity (intrusion set, campaign, threat actor, malware in particular) in bulk mode in order to save time and avoid repetitive tasks.

Current Workaround

Clicking on multiple sections and creating several relationships with the same metadata.

Proposed Solution

This could be great to have for example a form to complete by the analyst so that on one single page, all the knowledge can be filled up, like this:

image

This is just a suggestion, I would be glad to discuss about it if needed @SamuelHassine.
@SamuelHassine SamuelHassine transferred this issue from OpenCTI-Platform/connectors Jan 4, 2022
@SamuelHassine SamuelHassine added the feature use for describing a new feature to develop label Jan 4, 2022
@SamuelHassine SamuelHassine added this to the Release 5.4.0 milestone May 5, 2022
@AAA10CR7
Copy link

Was this implemented?

@SamuelHassine SamuelHassine self-assigned this Sep 29, 2022
This was referenced Oct 18, 2022
Closed
Merged
SamuelHassine added a commit that referenced this issue Oct 19, 2022
@SamuelHassine
[api/frontend] Implement a first version of the analyst workbench (#2408
fca3023 
, #2163, #1799)
@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Oct 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@SamuelHassine SamuelHassine

Labels
feature use for describing a new feature to develop solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 5.4.0
Development

No branches or pull requests
3 participants
@SamuelHassine @nicolasleguillou @AAA10CR7