In this post, I walk you through steps of running an OpenCTI server in an unprivileged Linux Container in Proxmox to aggregate threat intelligence into a single interface.
Recently, the folks at Chainguard open-sourced some Osquery threat hunting queries, so I wrote a script to convert the queries to YAML docs for import into FleetDM.