Tutorial

Tutorial

1. Create New Post

• Log in to SNS.

• Click "New" and modify a title (auto-fill)

• Input content as follows:

I share my test CTI:
(your favorite ipv4 address)
(your favorite domain name)
(your favorite CVE number)

• Select your favorite TLP

• Select Sharing Range "All Users"

• Attach files (if needed)

　Multiple files can be attached.

• (Tips) Anonymous Post

　If you check "Post as Anonymous", the post will be created by Anonymous user. It is not checked by default.

• Then click "Post"

CTI Element Extractor extracts ipv4 address/domain name/CVE as STIX elements in your post. Confirm the result and click "Compose".

Your post will appear on top of the feed. You can view the post by clicking the title and

• Download STIX/CSV/PDF (these files are automatically generated)
• Download attachment files (if attached)
• View in GV
• Like/unlike the post
• Input a comment

2. Upload STIX File

• Log in to RS and click "Upload" in the menu.

• Choose "Community" for the STIX file that you are going to upload. In general, you had better give a "Community" name as CTI source. You can create new Community (e.g. "test community") by clicking "Configuration" -> "Community" in menu.

• Choose the STIX file.

• Enter the package name if you want to name it. If you leave it blank, the title will be set with the STIX title. Then click "Upload".

• Click "List" in the RS menu and confirm the uploaded STIX is listed.

3. More Information

Configure S-TIP for the next step.