Distilling blockchain requirements for digital investigation platforms

When handling a security incident, there is lot of information that needs to be stored, processed, and analyzed. As result the volume necessity deal with incident investigation promptly, different forensic tools have been developed provide cyber threat intelligence response management platforms solutions. These enable responders effectively collaborate in identifying investigating incidents, manage their work on case from creation until resolution or completion, automate tasks external information. Since services are growing priority at organizations, pressing need for trustworthy transparent way maintain authenticity integrity investigative actions independently verifiable. Generally, allows analyst add related logs. Asides possibility log being deleted, it difficult audit traceability provenance if user decides malicious. To address this problem, we propose utilizing blockchain ledger associated metadata by extracting requirements cybersecurity models gathered through analysis an open-source platform. We demonstrate applicability proposed techniques methods scenario evidence within TheHive platform (SIRP).