Building a MITRE ATT&CK Navigator Layer and TTPs Timeline using Azure OpenAI

Visualizing Cyber Threat Data leveraging LLM

Antonio Formato
Microsoft Azure


The realm of cyber threat intelligence visualization resonates profoundly with me. As a cybersecurity professional, analyzing numerous intelligence reports is a demanding task. To enhance efficiency, I advocate using Generative AI tools. These tools, advanced in language processing, help manage and interpret large volumes of text data.

Inspired by experts like Oleksiy Meletskiy, I’ve developed a Jupyter Notebook that improves how we analyze intelligence reports. It uses Azure OpenAI to automatically extract important data from available reports or articles. This tool efficiently processes text and creates MITRE ATT&CK Navigator layers for visualization.

The notebook also uses Large Language Models to create timelines showing attack strategies from these reports. This highlights Generative AI’s role in enhancing cyber defense.

This blog post covers how the Jupyter Notebook uses Azure OpenAI for TTP extraction and visualizes cyber attack timelines with tools like MITRE ATT&CK Navigator and Mermaid.js. The goal is to provide cybersecurity professionals with efficient, insightful tools for cyber threat management.
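To make the extraction-to-visualization step concrete, here is an added example (not code from the notebook) that turns extracted TTPs into an ATT&CK Navigator layer and a Mermaid timeline. It assumes the extraction step returns records with `phase`, `id` and `note` fields; the sample records, the function names and the layer version value are constructed for illustration.

```python
import re

# ATT&CK technique IDs look like T1566 or T1566.001. Model output that does not
# match is rejected instead of being written into the layer.
TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")

# Constructed sample of what an LLM extraction step might return, in report order.
SAMPLE_TTPS = [
    {"phase": "Initial Access", "id": "T1566.001", "note": "Spearphishing attachment"},
    {"phase": "Execution", "id": "T1059.001", "note": "PowerShell"},
    {"phase": "Execution", "id": "T9999x", "note": "malformed ID from the model"},
    {"phase": "Exfiltration", "id": "t1041", "note": "Exfiltration over C2 channel"},
]

def clean_ttps(ttps):
    """Normalise IDs and split records into well-formed and rejected ones."""
    kept, rejected = [], []
    for item in ttps:
        tid = str(item.get("id", "")).strip().upper()
        if TECHNIQUE_ID.match(tid):
            kept.append({**item, "id": tid})
        else:
            rejected.append(item)
    return kept, rejected

def build_layer(ttps, name):
    """Return a Navigator layer dict with one entry per unique technique."""
    techniques = {}
    for item in ttps:
        entry = techniques.setdefault(
            item["id"], {"techniqueID": item["id"], "score": 0, "comment": ""})
        entry["score"] += 1  # score = number of mentions in the report
        entry["comment"] = "; ".join(filter(None, [entry["comment"], item.get("note", "")]))
    return {
        "name": name,
        "domain": "enterprise-attack",
        "versions": {"layer": "4.5"},  # assumed value; match your Navigator release
        "techniques": list(techniques.values()),
    }

def build_mermaid_timeline(ttps, title):
    """Return Mermaid 'timeline' source, one 'period : event' line per TTP."""
    lines = ["timeline", f"    title {title}"]
    for item in ttps:
        # ':' separates period and event in Mermaid, so strip it from model text.
        note = item.get("note", "").replace(":", " -").replace("\n", " ")
        lines.append(f"    {item.get('phase', 'Unknown')} : {item['id']} {note}")
    return "\n".join(lines)
```

The regular expression only checks the shape of an ID; a well-formed ID that does not exist in ATT&CK still passes, so comparing against the published technique list is a sensible extra check before sharing a layer. Serialize the layer with `json.dumps` to load it into Navigator.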

Table of Contents of the Notebook.

  1. Extracting Insights: Building a Web Scraper for Blog Post Data
  2. Revealing Content: Printing the Scraped Blog Post
