Starter15 min6 steps
Onboarding in 15 minutes
From `pnpm install` to your first feed sync. Spin up the data plane, push the schema, run the seed script, and watch the first IOC land.
Read the walkthrough
From `pnpm install` to your first feed sync. Spin up the data plane, push the schema, run the seed script, and watch the first IOC land.
Wire VirusTotal into the enrichment pipeline. Add the key, verify the worker picks it up, see enriched IOCs in the dashboard.
End-to-end analyst workflow: alert → IOC drawer → pivot in graph → mark as triaged → close. The thing your day-1 SOC tier-2 hire needs to learn.
Author an event-driven playbook that fires when a KEV CVE lands. Trigger, condition, action, alert routing.
Round-trip data between Rinjani and a MISP instance. Field mapping, relationship preservation, and what changes on re-import.
From a clean cluster to a running platform. Helm values, secrets management, ingress, observability stack, scaling notes.
Stand up the TAXII 2.1 endpoints, configure collections, and exchange threat intelligence with a partner organisation.