Auto-generate names for "anonymous" campaigns and intrusion sets #9530
Labels
feature
use for describing a new feature to develop
needs triage
use to identify issue needing triage from Filigran Product team
Comments
ups1decyber
added
feature
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use case
Reports often describe activities, such as exploitation campaigns targeting specific vulnerabilities, but do not provide explicit names for these campaigns.
It would be helpful to have an option to quickly create a campaign entity with an "anonymous" name using a configurable naming scheme.
Example:
A report describes exploitation activities targeting a vulnerability and subsequent follow-up actions. When adding this information to OpenCTI, we often create a campaign entity for the described activities. However, since the campaign is unnamed in the report, we must generate a name ourselves.
A common approach is to use a naming pattern like
Campaign-<counter>for anonymous or generic campaigns.I propose adding a feature where a button in the interface automatically generates a name following a configurable pattern (e.g.,
Campaign-<counter>) and maintains a running counter for consistency.This functionality would also be beneficial for creating intrusion sets.
Current Workaround
Manually keep track of counters to name anonymous campaigns.
Proposed Solution
In the campaign creation dialog, add a button labeled "Generate Anonymous Name." This button should:
Campaign-<counter>).Additional Information
none
If the feature request is approved, would you be willing to submit a PR?
no
The text was updated successfully, but these errors were encountered: