Skip to main content

TIBER-Cases

GitHub Project: https://github.com/jstnk9/TIBER-Cases

TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases generated are mapped to TIBER-EU processes.

TIBER-EU process is complex to implement in order to work in an agile way. It takes a lot of intercommunication between different departments and suppliers.

The cases generated for The Hive have the main objective of quickly implementing the tasks that the Threat Intelligence team has to perform. In this way, work agility is achieved.

Full explanation about this project in my blog: https://jstnk9.github.io/jstnk9/blog/TIBER-EU-ES-Threat-Intelligence-Series-01

TIBER-EU

How they define themselves is: TIBER-EU is the European framework for threat intelligence-based ethical red-teaming. It is the first EU-wide guide on how authorities, entities and threat intelligence and red-team providers should work together to test and improve the cyber resilience of entities by carrying out a controlled cyberattack.

Process

To simplify the entire TIBER-EU document and the Threat Intelligence section a bit, I wanted to make a process explaining the most important points of the framework for those analysts who are going to work on it. Specifically, I have focused on the "Processes/Activities Threat Intelligence" section of the official TIBER-EU process.

Jstnk_TIBER

Feedback and contributions

Feel free to open issues if you want collaborate or send any feedback.

References

TIBER-EU: https://www.ecb.europa.eu/paym/cyber-resilience/tiber-eu/html/index.en.html

TIBER-ES: https://www.bde.es/bde/es/secciones/servicios/tiber-es-3f6bfe7e907ed71.html

The Hive Project: https://thehive-project.org/