Machine Readable Representation of Adversary Behavior (video)

The OCA Indicators of Behavior (IOB) Project works to represent patterns of behavior associated with malicious cyber activity. This video provides a brief overview of our reference implementation showing how we represent a sequence of observed adversary behaviors, detections for those behaviors, and workflows to correlate the detections in Structured Threat Information eXchange (STIX) format. It also provides some background on how we derive these representations and use them to detect malicious cyber activity across multiple campaigns. To learn more or to join our project, please visit IoB Github repository.