Inspiration

There are a lot of security vulnerabilities and breaches now, and this inspired us to create a platform that could help organizations monitor them and take necessary actions.

What it does

SocioThreatMonitor is a platform that extracts security- and threat-specific data from social media and security news articles and helps organizations monitor it and take necessary action.

Extract data from multiple sources and upload it into an Azure Log Analytics Workspace.

Extract CVE information and Indicators of Compromise (IoCs) from the data.

Analytics queries are created on the custom log data in the Log Analytics Workspace.

The organization's security team can monitor these incidents, prioritize them and take necessary action.


How we built it

Ingest data from different sources.

Extract IoCs and CVEs from the data.

Upload the data to an Azure Log Analytics Workspace.

Create incidents, monitor them and take action.
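As an added illustration of the extract-and-upload steps above (example code written for this page, not the project's own code, which uses msticpy for IoC extraction): constructed sample posts, plain regex extraction of CVE ids and IoCs, the record shape for a custom log table, and the shared-key Authorization header of the Log Analytics HTTP Data Collector API. The field names, feed name and the workspace id/key used by the caller are assumptions.

```python
import base64
import hashlib
import hmac
import re
from datetime import datetime, timezone

# Constructed sample input: short "posts" of the kind SocioThreatMonitor ingests.
SAMPLE_POSTS = [
    "Phishing wave abusing CVE-2021-44228; C2 at hxxp://bad-example[.]test/x and 203.0.113.45",
    "Patch now: cve-2023-23397 exploited; dropper sha256 " + "0123456789abcdef" * 4,
    "Great conference talk today, slides soon!",  # no indicators: must be dropped
]

CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.IGNORECASE)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_RE = re.compile(r"\bhttps?://\S+", re.IGNORECASE)
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b", re.IGNORECASE)

def refang(text: str) -> str:
    """Undo common defanging (hxxp, [.]) so indicators match consistently."""
    return re.sub(r"hxxp", "http", text.replace("[.]", "."), flags=re.IGNORECASE)

def extract_indicators(text: str) -> dict:
    """CVE ids and IoCs found in one post, normalized and de-duplicated."""
    clean = refang(text)
    return {
        "cves": sorted({m.upper() for m in CVE_RE.findall(clean)}),
        "ipv4": sorted(set(IPV4_RE.findall(clean))),
        "urls": sorted(set(URL_RE.findall(clean))),
        "sha256": sorted({m.lower() for m in SHA256_RE.findall(clean)}),
    }

def to_custom_log_records(posts, source="constructed-feed"):
    """Rows for a Log Analytics custom table (assumed field names); posts with no indicators are dropped."""
    observed = datetime.now(timezone.utc).isoformat()
    records = []
    for post in posts:
        ind = extract_indicators(post)
        if any(ind.values()):
            records.append({"ObservedTime": observed, "Source": source, "RawText": post, **ind})
    return records

def build_authorization(workspace_id, shared_key_b64, body: bytes, rfc1123_date: str):
    """Shared-key header of the HTTP Data Collector API: HMAC-SHA256, keyed with the
    base64-decoded workspace key, over method, body length, content type, date and resource."""
    string_to_sign = f"POST\n{len(body)}\napplication/json\nx-ms-date:{rfc1123_date}\n/api/logs"
    digest = hmac.new(base64.b64decode(shared_key_b64), string_to_sign.encode(), hashlib.sha256).digest()
    return f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}"
```

Note that the Data Collector signature covers the body length and date but not the body content, so the upload still relies on TLS for integrity; this API is the legacy path, and new pipelines should use the Logs Ingestion API with a data collection rule.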

Challenges we ran into

Filtering table data in Azure Sentinel and getting the visualizations to update on the table filter.

Accomplishments that we're proud of

What we learned

We learnt a lot about the cyber security domain and Azure Sentinel: IoC extraction using msticpy, Azure Sentinel notebooks, analytic rules, hunting queries, CVEs and Azure ML.

What's next for SocioThreatSight

Add cyberattacks, malware, etc.; ingest data from other sources; and work on enhancing the front end.
