There are a lot of security vulnerabilities and breaches now, and this inspired the creation of a platform that helps organizations monitor them and take the necessary actions.
What it does
SocioThreatMonitor is a platform that extracts security- and threat-specific data from social media and security news articles and helps organizations monitor it and take the necessary actions.
Extract data from multiple sources and upload it into an Azure Log Analytics workspace.
Extract CVE identifiers and indicators of compromise (IOCs) from that data.
Create analytics queries over the custom log data in the Log Analytics workspace; matching results surface as incidents.
The organization's security team can monitor these incidents, prioritize them and take the necessary action.
How we built it
Ingest data from different sources.
Extract IOCs and CVE identifiers from the data.
Upload the data to an Azure Log Analytics workspace.
Create incidents, monitor them and take action.
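As an added example for the pipeline above (written for this page; it is not the project's own code, and it uses a regex stand-in rather than Msticpy's IoC extractor), the following Python pulls CVE IDs and common IOC types out of a defanged post, flattens them into rows for a custom log table, and prepares a signed request for the Log Analytics HTTP Data Collector API. The workspace ID, shared key and sample post are constructed placeholders, and nothing here touches the network.

```python
"""Regex-based CVE/IOC extraction from scraped text, plus request preparation for
the Log Analytics HTTP Data Collector API (legacy /api/logs endpoint).
Added example for this page: not the project's code and not msticpy's IoCExtract.
Workspace ID, shared key and sample post below are constructed values."""
import base64
import hashlib
import hmac
import json
import re
from datetime import datetime, timezone
from typing import Dict, List
from urllib.parse import urlparse

PATTERNS = {
    "cve": re.compile(r"\bCVE-\d{4}-\d{4,7}\b", re.IGNORECASE),
    "url": re.compile(r"\bhttps?://[^\s\"'<>]+", re.IGNORECASE),
    "ipv4": re.compile(r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "sha256": re.compile(r"\b[a-fA-F0-9]{64}\b"),
    "md5": re.compile(r"\b[a-fA-F0-9]{32}\b"),
    # Short TLD allow-list keeps "payload.exe"-style tokens out; widen it for real use.
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+(?:com|net|org|io|ru|xyz|top|info)\b", re.IGNORECASE),
}


def refang(text: str) -> str:
    """Undo the defanging used in threat posts (hxxp, [.], (.), [:]) before matching."""
    text = re.sub(r"\[(\.|dot)\]|\(\.\)", ".", text, flags=re.IGNORECASE)
    text = re.sub(r"\[:\]", ":", text)
    return re.sub(r"\bhxxp(s?)://", r"http\1://", text, flags=re.IGNORECASE)


def extract_indicators(text: str) -> Dict[str, List[str]]:
    """Return normalised, de-duplicated indicators grouped by type."""
    clean = refang(text)
    urls = {u.rstrip(".,;)") for u in PATTERNS["url"].findall(clean)}
    rest = PATTERNS["url"].sub(" ", clean)  # URL hosts are attributed via urlparse below
    domains = {d.lower() for d in PATTERNS["domain"].findall(rest)}
    ips = set(PATTERNS["ipv4"].findall(rest))
    for url in urls:
        host = urlparse(url).hostname
        if host and PATTERNS["ipv4"].fullmatch(host):
            ips.add(host)
        elif host:
            domains.add(host)
    found = {
        "cve": {c.upper() for c in PATTERNS["cve"].findall(clean)},
        "url": urls,
        "domain": domains,
        "ipv4": ips,
        "sha256": {h.lower() for h in PATTERNS["sha256"].findall(clean)},
        "md5": {h.lower() for h in PATTERNS["md5"].findall(clean)},  # \b keeps it out of sha256 hits
    }
    return {kind: sorted(values) for kind, values in found.items()}


def to_log_records(source: str, text: str, observed: str) -> List[dict]:
    """One row per indicator; in the workspace these fields become columns of the
    custom table (Indicator_s, IndicatorType_s, ...) that analytic rules query."""
    return [
        {"ObservedTime": observed, "Source": source, "IndicatorType": kind, "Indicator": value}
        for kind, values in extract_indicators(text).items()
        for value in values
    ]


def build_signature(workspace_id: str, shared_key: str, rfc1123_date: str, content_length: int,
                    method: str = "POST", content_type: str = "application/json",
                    resource: str = "/api/logs") -> str:
    """HMAC-SHA256 over the canonical string the Data Collector API expects."""
    to_sign = f"{method}\n{content_length}\n{content_type}\nx-ms-date:{rfc1123_date}\n{resource}"
    digest = hmac.new(base64.b64decode(shared_key), to_sign.encode("utf-8"), hashlib.sha256).digest()
    return f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}"


def build_upload_request(workspace_id: str, shared_key: str, log_type: str, records: List[dict]):
    """Return (url, headers, body) for the POST; sending is left to the caller.
    log_type becomes the custom table name with a _CL suffix (SocioThreat -> SocioThreat_CL)."""
    body = json.dumps(records).encode("utf-8")
    stamp = datetime.now(timezone.utc).strftime("%a, %d %b %Y %H:%M:%S GMT")
    headers = {
        "Content-Type": "application/json",
        "Authorization": build_signature(workspace_id, shared_key, stamp, len(body)),
        "Log-Type": log_type,
        "x-ms-date": stamp,
        "time-generated-field": "ObservedTime",  # our timestamp becomes TimeGenerated
    }
    return f"https://{workspace_id}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01", headers, body


# Constructed sample post (reserved example.* names, TEST-NET-3 address); not real intel.
SAMPLE_POST = (
    "Actors exploiting CVE-2021-44228 (Log4Shell) against unpatched servers. "
    "Payloads staged at hxxp://updates.example[.]com/ldap.class and 203[.]0[.]113[.]45. "
    "Dropper SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855. "
    "C2 beacons to cdn-static.example.net, see also cve-2017-11882."
)
FAKE_WORKSPACE_ID = "00000000-0000-0000-0000-000000000000"  # placeholder, not a real workspace
FAKE_SHARED_KEY = base64.b64encode(b"example-key-for-this-page-only-00").decode()

if __name__ == "__main__":
    rows = to_log_records("twitter", SAMPLE_POST, "2024-01-15T12:00:00Z")
    url, headers, body = build_upload_request(FAKE_WORKSPACE_ID, FAKE_SHARED_KEY, "SocioThreat", rows)
    print(json.dumps(extract_indicators(SAMPLE_POST), indent=2), url, len(body), "bytes")
```

Two practitioner caveats. Regex extraction over social-media text produces false positives (version strings, documentation domains, quoted example hashes), so rows landing in the custom table should be treated as leads for an analytic rule to correlate against real telemetry, not as verified IOCs. The Data Collector API shown here is the legacy ingestion path; new work should target the Logs Ingestion API with data collection rules, but the signing scheme above is what the `/api/logs` endpoint still requires.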
Challenges we ran into
Filtering table data in Azure Sentinel and getting visualizations to update on the table filter.
Accomplishments that we're proud of
What we learned
Learnt a lot about the cyber security domain and Azure Sentinel: IOC extraction using Msticpy, Azure Sentinel notebooks, analytic rules, hunting queries, CVEs and Azure ML.
What's next for SocioThreatSight
Add cyber attacks, malware and similar categories, ingest data from other sources, and enhance the front end.