OpenCTI または OpenAEV プラットフォームを 30 日間お試しいただけます。 無料トライアル
XTM Hub by Filigranサインイン
Adversary & Campaign Insights
Vertical Market & Mission-Specific Intelligence
A picture of RG9jdW1lbnQ6N2NhMjMyMTgtOTJhZS00MjE4LThmZTktMjY3MmZkYjNjMjlk
A picture of RG9jdW1lbnQ6YzEzMmFmOGQtZTI1OC00ZTFiLTlkZDYtZDY2NDIwZGQxZmEx
A picture of RG9jdW1lbnQ6ZDQ2OGQ4M2ItM2UzOS00MWQ1LThiNmUtYjY4MGYxMDI0MTA2

概要

An advanced dashboard giving you a full overview of threat activities against France. This Dashboard can be adapted to cover other countries.

The France dashboard is designed to provide a comprehensive overview of threats reported to be targeting the country. This dashboards provides a first-look top-down overview of all threats targeting the country, and can be adapted to address specific Priority Intelligence Requirements (PIRs) targeting the country.

Overview

  • The High Level Indicators section gives aggregate statistics for the entire dataset, giving situational awareness of the total volume of data in the platform
  • Active Threats shows the total number of reports for each threat actor that contain this country in the report
  • Recent Activities shows a timeline of campaigns that contain the country
  • Technical Information shows counts of indicators relating to the country

Usage

  • The High Level Indicators give an idea of the volume of data in your platform that is categorised as relating to the country. If these figures are low, then the other threat-centric widgets will also have a low count. If you have a low count, common reasons can include: low volume of ingested data; ingested data does not contain country as a STIX entity; too few reports in the time range set for the dashboard.
  • Active Threats shows Intrusion Sets, Threat Actors and Malware that have been reported as targeting the country within the time range for the dashboard (usually from a report linking the threat to the country that was received within the time range). Changing the time range to a recent time range, such as 1 or 3 months, will focus on more recent reports of threats against the country.
  • Top Techniques used by Threats shows Attack Patterns (typically MITRE ATT&CK Techniques) known to be used by an Actor or Intrusion Set targeting the country. Where a report contains the country as a target, and the actor or intrusion set, then all Attack Patterns / TTPs known to be used by these actors (not just the TTPs included in the reports, or TTPs used against this country) will be shown here.
  • Top Vulnerabilities targeted by Threats shows Vulnerabilities that were reported as being targeted by a Threat Actor or Intrusion Set, that targets the country. This chart is indicative of vulnerabilities that are at a higher risk of exploitation in organisations within the country.

Data Pre-requisites

All widgets in this dashboard rely on reports ingested into OpenCTI that contain structured STIX entities, including targeted country, threat actors, intrusion sets, malware entities, and indicators. If you do not have a stream of reports into OpenCTI that contain these entities, these dashboards will be empty. Most commercial feeds, and some open-source ones, will contain this structure.

In addition, you can improve the inclusion of content in this report by:

  1. Configuring the OpenCTI Datasets connector, which ingests the master datasets, including countries, with the UUIDs that are used in this dashboard. Each widget uses the specific UUID for the country from this specific dataset.
  2. Turning on many of the Rules engine rules, that infer relationships between entities that are contained in a report (eg. if actor targets ‘France’, then infer that actor targets ‘Europe’)
  3. Reviewing all Countries, and checking that ‘similar’ countries from other feeds are merged into the master entity from the OpenCTI Dataset, or at least are a child/subset of it. (eg. ‘Europe-France’ is merged with ‘France’, which is a subset of ‘Europe’)

Specific relationships that are used in these widgets include:

  • The relationship of Threat Actor or Intrusion Set targets the country
  • The relationship of Threat Actor or Intrusion Set targets a vulnerability
  • The relationship of Threat Actor or Intrusion Set uses an Attack Pattern
  • The relationship of Threat Actor or Intrusion Set uses a Malware
  • The relationship of Indicator indicates a Malware, Threat Actors, Intrusion Set, Campaign

基本情報

Filigran
Enzo Queiros Martins
2026年2月27日
6.8.13
100+
5

    当社は、XTM Hubの機能を動作させ、その利用状況を把握し、ユーザー体験を向上させるためにクッキーを使用しています。必須のクッキーは常に有効になっています。また、ユーザーの同意を得た上で、機能、パフォーマンス、分析、およびマーケティングを目的としたオプションのクッキーも使用しています。 すべてのクッキーを受け入れる、すべてを拒否する、または許可するオプションのクッキーを選択することができます。「クッキー設定」から、いつでも設定を変更できます。詳細については、当社のクッキーポリシーをご覧ください。