Project

Continuous Integration for the Collaborative Analysis of Incidents

Abbreviation
CinCan
Project type
Development project
Field of expertise
Applied cybersecurity
Implementation period
1.1.2018 - 30.6.2020
Unit
Technology
Funding programme
Other EU funding
Project description

The CinCan project was an INEA/CEF-funded project carried out by TRAFICOM, Jyväskylä University of Applied Sciences and the University of Oulu.

The aim of the CinCan project was to build shareable, repeatable and history-preserving analysis pipelines from your favourite (analysis) tools combined with CI, git and containers. The project integrated analysis tools into pipelines that run automatically whenever possible; the results are evaluated automatically and compiled into shareable threat intelligence packages.

The project consisted of four main parts:

#1 Quality of threat intelligence
Map the state of the art of threat intelligence feed providers, feeds, contents of the feeds, and possible evaluation sources for feed attributes throughout the project.
#2 Integration of analysis tools
#3 Collaborative analysis, with automation
Create open-source tools supporting an integrated analysis workflow
Integrate with #1 (quality evaluation) and #2 (incident analysis) tools
#4 Piloting
Tools and workflows in handling actual cases during the project. The work is performed with a community of pilot users.

More information:

Vesa Vertainen: [email protected]
Erno Kuusela: [email protected]

Homepage: https://cincan.io/
Gitlab: https://gitlab.com/CinCan
Docker Hub: https://hub.docker.com/u/cincan

Project results

The key products of the CinCan project:

Dozens of Dockerized DFIR tools, ready to use:
https://gitlab.com/CinCan/tools
https://hub.docker.com/u/cincan

The 'cincan' command-line tool for running the Dockerized tools, with simpler handling of input and output:
https://gitlab.com/CinCan/cincan-command

The 'minion' CLI tool for rule-based workflows:
https://gitlab.com/CinCan/minion

The pilot environment using Concourse CI/CD pipelines and Gitlab, running in Docker containers:
https://gitlab.com/cincan/environment
https://gitlab.com/cincan/pipelines

Numerous blog posts about DFIR tools:
https://cincan.io/blog/

Edited: April 24, 2021