Found a great blog on Advance Threat Intel

Just came across a great Medium article that shows how to automate the entire process of discovering newly added CISA KEV vulnerabilities and generating Sigma detection rules using AI.

Instead of manually tracking new CVEs and writing detections from scratch, the workflow automatically:

    Identifies newly published KEV vulnerabilities

    Generates Sigma detection rules with AI

    Maps them to MITRE ATT&CK

    Distributes the results to Google Sheets, Slack, email, and your SIEM
If you're a SOC analyst, detection engineer, threat hunter, or blue team practitioner looking to streamline threat intelligence and detection engineering, this is definitely worth a read.

2 points | by RawatManish 1 hour ago

1 comments