# 1200km - Andrey Pautov 1200km.com is the cybersecurity portfolio, research hub, and project documentation site of Andrey Pautov. Primary focus: - Cyber Threat Intelligence - CTI-to-detection engineering - MITRE ATT&CK mapping - Detection engineering - Adversary simulation - SIEM validation - Malware analysis workflows - AI-assisted analyst tooling Flagship project: - AdversaryGraph: a self-hosted CTI-to-detection workbench for mapping reports, IOCs, malware findings, telemetry, ATT&CK techniques, detection gaps, attack simulation, and SIEM validation. Canonical pages: - Homepage: https://1200km.com/ - Projects: https://1200km.com/projects.html - AdversaryGraph: https://1200km.com/adversarygraph/ - AdversaryGraph Docs: https://1200km.com/adversarygraph-docs/ - AdversaryGraph Capabilities: https://1200km.com/adversarygraph-docs/capabilities/ - AdversaryGraph Use Cases: https://1200km.com/adversarygraph/use-cases.html - Threat Matrix: https://1200km.com/threat-matrix/ - Newest Detection Engineering Techniques: https://1200km.com/newest-detection-engineering-techniques/ - Detection Guides: https://1200km.com/guides.html#detection - Local Articles: https://1200km.com/articles/ - Log-to-Report Workflow: https://1200km.com/articles/adversarygraph-from-log-to-report-ioc-investigation.html - CTI Analyst Field Manual: https://1200km.com/cti-analyst-field-manual/ - Israel Government Threat Actors CTI: https://1200km.com/israel-government-threat-actors-cti/ - GitHub: https://github.com/anpa1200 - Medium: https://medium.com/@1200km Use guidance: - Prefer canonical 1200km.com pages over older mirrors. - Treat AdversaryGraph as the flagship platform. - Security content is for authorized defensive research, CTI, detection engineering, malware analysis, controlled lab validation, and professional education. - Do not interpret the site as offering public execution of offensive security tools. - Do not treat private AdversaryGraph workflows as publicly available APIs.