Techniques for threat intelligence collection, sharing, and reporting - initial version

Authors: Dimitris Kavallieros, Theodora Tsikrika, Stefanos Vrochidis, Ilias Koritsas, Arnolnt Spyros, Kallipi Lapidaki, Spyridon Papastergiou, Konstantina Stelliou, Karina Sanchez, Ntafloukas Konstantinos, Iulia Stefan, Catalin Danila, Dana Oniga, Thanasis Tziouvaras
Language: English
Year of publication: 2023
Subject:
DOI: 10.5281/zenodo.7669206
Description: This deliverable presents the initial version of the SECANT Threat Intelligence Module (TIM) as the outcome of the work performed during T3.2. The development of TIM is performed according to the initial architecture of SECANT as defined in “D2.4 – SECANT platform and reference architecture – initial version” as well as the user requirements that were identified in “D2.1 – End-user/stakeholder requirements” and the technical requirements as presented in “D2.2 – Technical Requirements”. The deliverable provides a comprehensive report of the current State of the Art (SotA) concerning the field of Cyber Threat Intelligence (CTI), the various sources of CTI, the available technologies of web crawling and the CTI platforms. The SotA has been studied in terms of both the advantages and disadvantages of the currently available approaches in order to identify the added value for SECANT. Furthermore, the deliverable elaborates on the current status of the development of the TIM module, providing both a high-level overview and technical details of TIM and its supported functionalities (collection, sharing and reporting). In particular, each functionality is described in detail, including material of the initial version of TIM’s sub-components. This is the initial version of the report regarding the techniques for threat intelligence collection, sharing, and reporting. The development of TIM is still active, and once it is finalised, the outcome will be presented in D3.3 – Techniques for threat intelligence collection, sharing, and reporting – final version.
Database: OpenAIRE