From 682204fb2111d21391d66469fc05f7d7505d20c4 Mon Sep 17 00:00:00 2001
From: Meitar M <meitarm@gmail.com>
Date: Thu, 26 Jul 2018 10:53:16 -0400
Subject: [PATCH] Add two open source NSA threat intelligence and analytics
 tools.

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index dcc39b9..b87cb8b 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
 - [Firewalling distributions](#firewalling-distributions)
 - [Security Information and Event Management (SIEM)](#security-information-and-event-management-siem)
 - [Service and performance monitoring](#service-and-performance-monitoring)
+- [Threat intelligence, analytics, and reporting](#threat-intelligence-analytics-and-reporting)
 - [Transport-layer defense](#transport-layer-defenses)
 
 ## Honeypots
@@ -50,6 +51,11 @@ See also [awesome-honeypots](https://github.com/paralax/awesome-honeypots).
 - [Nagios](https://nagios.org) - Popular network and service monitoring solution and reporting platform.
 - [OpenNMS](https://opennms.org/) - Free and feature-rich networking monitoring system supporting multiple configurations, a variety of alerting mechanisms (email, XMPP, SMS), and numerous data collection methods (SNMP, HTTP, JDBC, etc).
 
+## Threat intelligence, analytics, and reporting
+
+- [Unfetter](https://nsacyber.github.io/unfetter/) - Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework.
+- [GRASSMARLIN](https://github.com/nsacyber/GRASSMARLIN) - Provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by passively mapping, accounting for, and reporting on your ICS/SCADA network topology and endpoints.
+
 ## Transport-layer defenses
 
 - [OpenVPN](https://openvpn.net/) - Open source, SSL/TLS-based virtual private network (VPN).