Liberty91 Documentation
What is Liberty91?
What is Liberty91?
  • What is Liberty91?
  • Why did we build Liberty91?
  • Meet the team
  • Key Concepts
  • Get in touch
Powered by GitBook
On this page

Why did we build Liberty91?

PreviousWhat is Liberty91?NextMeet the team

Last updated 1 year ago

Liberty91 grew from a simple RSS-reader to the AI-powered Intelligence Platform it is today. After the first simple use cases, more and more features were added. And we continue to do so based on our customers' and partners' feedback

Use Case 1: an RSS-reader

Liberty91 was built by Intelligence Analysts who needed a solution that would keep them up-to-speed about what was going on in the threat landscape right now. Essentially an RSS-reader, but also for premium, closed sources that expose an API, but don't provide an xml-feed (for example: the hits of , or the reports published on ).

The first version of Liberty91 was exactly that: a rolling feed on the command line, put on the big wall screen of a Security Operations Center. A nice bonus was that this was a screen the SOC-analysts would actually look at, because it was more relevant and interesting than or 'things that count'.

This ultimately developed into the and the .

Use Case 2: A Threat Library

Having a useful dashboard is great, but capturing, storing and cataloguing all that reporting is better. That's why we built the . Liberty91 reads everything that comes in, and based on a series of complex keyword filters, decide what should be put under what Threat Card (which can be , or , all of which can be grouped in a collection called ). This also helps with two other important things:

  1. On the dashboards, it visualizes whether a certain threat you care about is mentioned in a new post, helping with prioritization

  2. It helps Liberty91 assess how important a certain post is (its ). You can set criticality for everything: your assets, attack-surface, et cetera, but also the threats. By setting higher criticalities, you tell Liberty91 you care more about this entity (and therefore the post mentioning it).

Use case 3: Making it relevant to individual organizations

Once we started trialing Liberty91, we received feedback about the relevance of the events. Questions like 'but how do I know Turla is relevant to my organization?' or 'Is this zero-day something I should care about?' started to come up.

That's why we built the ''. By Liberty91 what makes your organization your organization, we started leveraging AI to 'read' the events in real-time, filter, assess, analyze and report on the relevance of events.

the pew-pew map
criticality
Threat Library
your yara-rules in VirusTotal
Mandiant Advantage
Recent Threat Dashboard
Criticality Dashboard
threat actors
malware families
vulnerabilties
Threat Clusters
company clusters
telling