Summary
Add a new external-import connector for TruKno breach intelligence.
Problem
OpenCTI currently does not provide an official connector for importing TruKno breach reports and their linked malware / ATT&CK techniques.
Proposed solution
Introduce a TruKno external-import connector that polls the TruKno API incrementally, converts updated breach reports into STIX 2.1 bundles, and sends them into OpenCTI.
Initial scope
- report
- attack-pattern
- malware
Notes
This issue is opened to track the upstream contribution associated with PR #6285.
Summary
Add a new external-import connector for TruKno breach intelligence.
Problem
OpenCTI currently does not provide an official connector for importing TruKno breach reports and their linked malware / ATT&CK techniques.
Proposed solution
Introduce a TruKno external-import connector that polls the TruKno API incrementally, converts updated breach reports into STIX 2.1 bundles, and sends them into OpenCTI.
Initial scope
Notes
This issue is opened to track the upstream contribution associated with PR #6285.