Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Intel471 Connector Ingestion Issue #3519

Open
nhuber0724 opened this issue Feb 27, 2025 · 0 comments
Open

Intel471 Connector Ingestion Issue #3519

nhuber0724 opened this issue Feb 27, 2025 · 0 comments
Labels
bug use for describing something not working as expected filigran support [optional] use to identify an issue related to feature developed & maintained by Filigran. needs triage use to identify issue needing triage from Filigran Product team

Comments

@nhuber0724
Copy link

Description

The Intel471 connector is ingesting data using incorrect entity types An APT intrusion set is ingested as a threat actor individual. A ransomware is ingested as a threat actor individual.

Environment

OpenCTI 6.5.3

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Examine the knowledge tab of a report ingested by Intel471 that contains multiple different entities.
  2. Examine threat actor/individual types.
  3. It appears the Intel471 connector is not ingesting certain entity types correctly.

Expected Output

The connector should ingest entity types appropriately in line with the STIX data model. For instance, APTs should be ingested as intrusion sets. Threat Actor Groups named should be ingested as Threat Actor Groups.

Actual Output

Entities are not ingested correctly.

Additional information

Screenshots available internally.
@nhuber0724 nhuber0724 added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Feb 27, 2025
@nino-filigran nino-filigran added the filigran support [optional] use to identify an issue related to feature developed & maintained by Filigran. label Mar 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug use for describing something not working as expected filigran support [optional] use to identify an issue related to feature developed & maintained by Filigran. needs triage use to identify issue needing triage from Filigran Product team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nino-filigran @nhuber0724