Kraut Salad - a cyber threat intelligence and incident management platform.

Kraut Salad – a cyber threat intelligence and incident management platform.

Kraut Salad is a proof of concept implementation of a cyber threat intelligence and incident management platform.
The parsing component of Kraut Salad currently supports the cyber threat intelligence standards by Mitre called STIX and CybOX. For future versions, we plan to extend the parser to also read OpenIOC and other open source intelligence feeds in common formats, such as CSV.

The basis of Kraut Salad is a PostgreSQL database that holds tables for different kinds of threat intelligence objects, such as threat actors, campaigns, and items that can be used in indicators or that are observable at the host or on the network, as Mitre calls them in its CybOX standard.

Finally start the local server and browse to localhost:8000

Next to the storage of cyber threat intelligence information, we plan to integrate an incident management platform which will enable us to associate intelligence information with assets that were affected in an incident and actions that were performed on such information (e.g. network indicators were searched at the enterprise proxies), in order to get a better understanding and overview of an incident.

Kraut Salad – Intelligence Platform

Dependencies:
+ Python 2.7.x
+ git

Usage and Download from source:

Source: https://github.com/zeroq