Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/center-for-threat-informed-defense/cti-blueprints

CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

ctid cyber-threat-intelligence cybersecurity incident-response malware-analysis mitre-attack threat-actors threat-informed-defense


[![MITRE ATT&CK® v13](https://img.shields.io/badge/MITRE%20ATT%26CK®-v13-red)](https://attack.mitre.org/versions/v13/)
[![build](https://github.com/center-for-threat-informed-defense/cti-blueprints/actions/workflows/build.yml/badge.svg)](https://github.com/center-for-threat-informed-defense/cti-blueprints/actions/workflows/build.yml)

# CTI Blueprints

CTI Blueprints is a free suite of templates and tools that helps Cyber Threat
Intelligence (CTI) analysts create high-quality, actionable reports more consistently
and efficiently. CTI analysts face many challenges and constraints, including time and
resource constraints, lack of analytic training and guidance, and lack of feedback from
CTI consumers on what works. This project seeks to increase the operational relevance of
reports through a standardized set of templates that help analysts answer specific
analytic questions for common cyber security use cases. This project is created and
maintained by the MITRE Engenuity Center for Threat-Informed Defense in furtherance of
our mission to advance the state of the art and the state of the practice in
threat-informed defense globally. The project is funded by our [research participants](https://mitre-engenuity.org/blog/2023/06/12/cti-blueprints/#research-participants).

**Table Of Contents:**

- [Getting Started](#getting-started)
- [Getting Involved](#getting-involved)
- [Questions and Feedback](#questions-and-feedback)
- [How Do I Contribute?](#how-do-i-contribute)
- [Notice](#notice)

## Getting Started

To get started, we suggest reading the One Pager for an overview of the project and
then reading the sample reports. For a deeper dive, read the wiki documentation and review
the CTI templates. From there, try creating your own reports using either the Word
templates or the Blueprints Suite of tools.

| Resource | Description |
| --------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------- |
| [One Pager](https://hubs.ly/Q01SYBjK0) | Overview of CTI Blueprints |
| [Documentation](https://github.com/center-for-threat-informed-defense/cti-blueprints/wiki) | Complete documentation for CTI Blueprints |
| [Templates & Sample Reports](https://github.com/center-for-threat-informed-defense/cti-blueprints/wiki/CTI-Templates) | CTI report templates with inline guidance and sample reports illustrating use of the templates |
| [Authoring Tool](https://center-for-threat-informed-defense.github.io/cti-blueprints/) | Run the authoring tool in your browser |
| [Download Tools](https://github.com/center-for-threat-informed-defense/cti-blueprints/releases) | Download the authoring and publishing tools to run locally (advanced option) |

## Getting Involved

There are several ways that you can get involved with this project and help advance
threat-informed defense:

- **Review the [One Pager](https://hubs.ly/Q01SYBjK0) and [sample reports](./samples).**
This will give you a quick overview of the project's goals and help to envision your
own capability to use it.
- **Read [the project wiki](https://github.com/center-for-threat-informed-defense/cti-blueprints/wiki).**
It goes deeper into the project's goals and objectives.
- **Create your own reports.** Choose one of two approaches for creating reports:
  - Build reports with the [Word templates](./templates), which are user friendly and

## Questions and Feedback

Please submit issues for any technical questions/concerns or contact
[email protected] directly for more general inquiries.

Also see the guidance for contributors if you are interested in contributing or simply
reporting issues.

## How Do I Contribute?

We welcome your feedback and contributions to help advance CTI Blueprints.

- Provide feedback on the templates and tool on GitHub, find us on LinkedIn, or reach
out to our team directly at [email protected].
- Help us develop additional plug-ins for the community or provide additional plug-in
suggestions. A running list of suggested plug-ins can be found on our GitHub Wiki
Developer page.
- Spread the word! Our goal is to increase adoption of CTI Blueprints in the community,
and we encourage analysts to integrate it into their production workflow. CTI
Blueprints is open-source, so go ahead and share it in your professional network!

Please see the guidance for contributors if you are interested in [contributing or
simply reporting issues](/CONTRIBUTING.md). Submit
[issues](https://github.com/center-for-threat-informed-defense/cti_blueprints/issues)
for any technical questions/concerns or contact [email protected] directly for
more general inquiries.

## Notice

Copyright 2023 MITRE Engenuity. Approved for public release. Document number CT0069.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this
file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under
the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the specific language governing
permissions and limitations under the License.