Afternoon everyone. Our team has been busy building an open source product that explores how the relationships between different types of threat intel data can help give customers more context about indicators, courses of action, attack patterns, and threat actors. (
www.unfetter.io)
While building it, we decided to make our backend STIX 2.0 compliant. We separated the backend store into separate Docker containers (microservice model), accessed by a REST interface. We are also building a web interface in front of the data store.
If interested, please clone it and use it. If you have comments, suggestions, bugs, we are happy to engage.
Shaun McCullough
An Information Assurance Project
National Security Agency