<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Threat Intelligence on Cutaway Security</title><link>https://www.cutawaysecurity.com/tags/threat-intelligence/</link><description>Recent content in Threat Intelligence on Cutaway Security</description><generator>Hugo -- gohugo.io</generator><language>en</language><lastBuildDate>Tue, 30 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://www.cutawaysecurity.com/tags/threat-intelligence/index.xml" rel="self" type="application/rss+xml"/><item><title>Before the Threat Hunt: Enriching the Section 1260H Software List with AI</title><link>https://www.cutawaysecurity.com/blog/enriching-the-section-1260h-software-list-with-ai/</link><pubDate>Tue, 30 Jun 2026 00:00:00 +0000</pubDate><guid>https://www.cutawaysecurity.com/blog/enriching-the-section-1260h-software-list-with-ai/</guid><description>&lt;h2 class="relative group">TL;DR
 &lt;div id="tldr" class="anchor">&lt;/div>
 
 &lt;span
 class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none">
 &lt;a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#tldr" aria-label="Anchor">#&lt;/a>
 &lt;/span>
 
&lt;/h2>
&lt;p>The U.S. Department of Defense publishes a list, under Section 1260H, of companies it has identified as Chinese military companies operating in the United States. I wanted to turn that roster of corporate names into something a defender can use: an inventory of the software those companies publish, and a way to find it on a Windows machine. This is enrichment work. It is the step before a threat hunt, not the hunt itself. I ran it twice. The first pass, with Microsoft Copilot, produced an analysis that looked right and a dataset that was empty. The second pass, with Claude Code, produced a dataset that was disciplined and mostly unverifiable. What shipped is smaller and honest: a sourced catalog of companies and their software, and a simple PowerShell script that gives you a place to start. The other cost was time. The fast start turned into a long slog dragging the work back to something trustworthy, and the lesson I am keeping is about managing that time, not the tools. The result is on &lt;a href="https://github.com/cutaway-security/threat_hunt_china_entities" target="_blank" rel="noreferrer">GitHub&lt;/a>.&lt;/p></description><media:content xmlns:media="http://search.yahoo.com/mrss/" url="https://www.cutawaysecurity.com/blog/enriching-the-section-1260h-software-list-with-ai/feature.png"/></item></channel></rss>