Codifying your malware analysis workflows.

Building shareable, repeatable & history-preserving analysis pipelines using your favourite tools + CI + git + containers.

Analysis tools run automatically whenever possible, and their results are automatically evaluated and compiled into shareable threat intelligence packages.

#1 Quality of threat intelligence

Map the state of the art of threat intelligence feed providers, feeds, contents of the feeds, and possible evaluation sources for feed attributes throughout the project.

#2 Integration of analysis tools

Map the state of the art of threat intelligence feed providers, feeds, contents of the feeds, and possible evaluation sources for feed attributes throughout the project.

#3 Collaborative analysis, with automation

  • Create tools supporting an integrated analysis workflow (open sourced)
  • Integrate with #1 (quality evaluation) and #2 (incident analysis) tools
  • Try out in practice and iterate

#4 Piloting

The tools and workflows are used in handling actual cases during the project. The work is performed with a community of pilot users.