Skip to content

QUESTION: How much work would it be to extend Aleph for cyber-crime investigation #2656

Closed Answered by Rosencrantz
U039b asked this question in Q&A
Discussion options

You must be logged in to vote

Hi Esther

Directly extending Aleph or FtM to handle new types of entities such as Threat actor or Campaign should be relatively simple. However, the more you change Aleph/FtM the harder it becomes to integrate changes from source application. If your plan is to move away from these tools to do your own thing then that probably isn't an issue.

Aleph itself is a tool designed to allow users to "find" information and as such the UI only has limited functionality for the creation and modification of data. The real power comes from the ETL pipeline and ingesting data appropriately in order to make it searchable.

If you're looking to modify entities (enrich) over time then as long as you ensure…

Replies: 1 comment 1 reply

Comment options

You must be logged in to vote
1 reply
@U039b
Comment options

Answer selected by tillprochaska
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants
Converted from issue

This discussion was converted from issue #2494 on November 02, 2022 10:18.