opencti-platform / opencti
Open Cyber Threat Intelligence Platform
Home Page: https://opencti.io
License: Other
Ensure that websocket (api, redis, ...) can be disabled with an option and that the whole application still works perfectly.
None.
Implement an option in the configuration to be able to disable the "reactive" mode with Redis subscription.
None.
All entities can have multiple aliases. It would be interesting to be able to add a source reference for aliases (e.g. vendors).
Also, some aliases are private. It would be great if it's possible to add a marking on aliases, so private aliases will not be leaked in export.
None.
Update the schema to be able to add a relationship between an entity (organization / marking) and an attribute (alias).
Open to other solutions.
None.
Add error handling for disconnected users and more globally for CRUD.
None.
Implement all the error management.
None.
All entities can have an author/creator (created_by_ref in STIX2). The GraphQL methods of all entities must implement this field as well as the creation/edition form of the UI.
None.
Create the GraphQL schema and resolvers, update all forms in the UI.
None.
Add the possibility to undo/redo things in the knowledge graph of a report.
None.
Add the feature (or find a new library and refactor).
None.
Create a loader for STIX 2 JSON files in order to directly push STIX2 data to the platform.
None.
Implement a loader to insert data from JSON to Grakn.
None.
In some specific cases, the user is not able to logout.
Steps to create the smallest reproducible scenario:
Successful logout.
Nothing happens.
The list view is stuck on dummy if the number of entities to display is equal to the first offset.
Steps to create the smallest reproducible scenario:
The dummy view is replaced by actual entities.
The dummy view remains.
None.
The current TextField component triggers the onBlur even if the content has not been changed, so an API call is launched.
None.
Enhance the TextField with an "initial state" to be able to check if the content has been modified before triggering the API call.
None.
To explain technical choices behind OpenCTI, we have to write an article about why we choose Grakn as the main database backend.
None.
Clean the Luatix blog and write the article.
None.
Entities views must provide quantitative information through charts about their relations and their linked entities.
None.
Create various generic charts (and associated GraphQL methods), and add them to the different entity views.
None.
Add README, docker install and publish on Github.
None.
Create the Github repository, the README and the Docker compose configuration.
None.
OpenCTI needs a website to present the product and explain the goal of the platform.
None.
Create the website and write a first blog article about OpenCTI.
None.
Implement the courses of action management.
None.
Implement courses of action view.
None.
For testing purposes, having basic observables management in the platform might be necessary to demonstrate the final goals of the platform.
None.
Implement Observables in the Grakn schema, implement the GraphQL methods and the frontend associated views.
None.
The users must be able to export all lists in a CSV.
None.
Implement the CSV export in all list views.
None.
Implement all observable types schema.
None.
Finish the schema and update associated forms.
None.
Manual installation of the platform must be documented before the first release.
None.
Write the documentation directly in a .md file.
None.
Create the user profile to allow users to update their settings/preferences and see their API key.
None.
Create the view and the associated form in the UI.
None.
Report knowledge creation must be available in order to create relations between entities and model the knowledge of the report.
None.
Create the knowledge graph and all the features such as adding new entities, create and manage relations, move the node and edges.
None.
Currently, the Grakn schema is created by the Java loader. Since this loader is deprecated and to be more consistent, the Grakn schema must be created by a NodeJS command on the API side.
None.
Implement a command in the NodeJS API to create the Grakn schema.
None.
Connect any MISP instance(s) to OpenCTI.
None.
Create the MISP connector.
None.
Add the possibility to attach files to a report.
None.
Add the possibility to upload files and attach them to a report.
None.
The goal is to be able to create groups that have access to specific marking definitions and prevent others from accessing these marking definitions.
None.
Implement a Grakn rule to infer permissions and check the permission for each query.
None.
The display is slow on the following views:
None.
Better performances.
Display in 20 / 30 secs.
None.
Delete the check of the authentication everywhere in the API.
None.
Add a @auth directive directly in the GraphQL schema.
None.
The users have to be able to logout.
None.
Implement the logout feature by clearing the cookie and the associated data.
None.
Add the possibility to update the knowledge and relationships in all knowledge screens of entities/threats/techniques.
Add this knowledge in report graph view.
Implement forms to add countries to region, cities to country, etc.
None.
Be able to make the difference on the sectors list between main sectors and sectors that have a parent sector.
None.
Count relations and display in different color or form or label, etc. Also, display the parent sector in subsectors.
None.
The 3.0 version of Relay has been released. Migrate the frontend and solve problems if any.
None.
Migrate to Relay 3.0
None.
Be able to organize the report knowledge graph in one click and avoid the "stack" of all entities when adding new ones.
None.
Implement graph organization algorithms on the report knowledge view.
None.
OpenCTI must be able to connect to other CTI platforms and tools. A connector template has to be created in order to allow the community to build connectors.
None.
Architecture and implementation of connectors.
None.
The current Java loader used since the beginning directly takes JSON STIX2 files to the Grakn database. The loader must use the API.
None.
Full refactor of the loader to use the GraphQL API to create entities.
None.
A global search field must be provided to be able to search any entity in the platform in fulltext.
None.
Create the field and the API methods.
None.
Reports are currently the only way to link knowledge entities between them. The management of the reports should be the implementation of basic features such as creation / edition / deletion.
None.
Create the views and the GraphQL methods to manage reports.
None.
The search function is currently not working properly.
1. Ubuntu 18.04
2. Pre-release
3. Frontend
Steps to create the smallest reproducible scenario:
TTP found.
No TTP found with the exact phrase match.
None.
Implement the observable enrichment schema and capabilities through connectors.
None.
Create the schema and the associated views. Link with connectors.
None.
The individual view of each entity must subscribe to change from the API and be updated without any refresh.
None.
Implement subscription on all "read" view (not list).
None.
Grakn schema changes have to be handled by a migrations system to allow future releases with schema modifications.
None.
None.
The developers of OpenCTI must have a clear overview of the CI process. CircleCI provides all the features needed to achieve build/deploy goals.
Using self-hosted Jenkins.
Write a CircleCI configuration for all the workflows.
None.
The marking definition is not displayed in entities and relations.
None.
Find a position to display the marking definition on entities and relations.
None.
Change the knowledge overview with statistics instead of graphs.
None.
Implement a specific page for each entity type to display an overview of the current knowledge.
None.
Based on the work on reports, all the entities provided by OpenCTI must be implemented both on the GraphQL API and on the user interface.
None.
Create all the views and all the methods to manage entities.
None.
When clicking on the "Information" icon of an entity, open a right panel with the basic information of the entity instead of redirecting to the entity page.
None.
Implement the "entity" overview in a right panel.
None.
It could be very interesting to be able to add aliases to an entity directly during the creation in the report knowledge view.
Create the entity, go to the edition page and modify alias.
Implement an alias field in the form and adjust the API.
None.
The API must provide event logs to be able to debug in case of errors.
None.
Implement logging in the GraphQL API.
None.
Integration tests must be provided before the first release to ensure correct test coverage of the basic features of the GraphQL API.
None.
Implement the integration tests framework and create the first tests.
None.
Implement the vulnerability enrichment through a connector with the CVE platform.
None.
Create a connector to the CVE platform.
None.
The user must be able to explore the data of the platform within a graph by searching for neighbors and so visualize the database.
None.
Implement the concept of "workspace", implement an exploration graph view.
None.
Implement inline field component to be able to double click on a text and display a field.
Open the edit panel.
Create a generic inline field component.
None.