During the development of the ATLAS, even though I believed it would be something, I didn't have any clue that proves this statement. I started to write as much as possible ATLAS rules afterward, and the experience has convinced me that ATLAS helps us to store and share malware analysis details in an actionable way.
I am passionate about developing a standalone version of the distinct capabilities of the malware, attack vector that I analyze. It helps me to understand the specimen much more deeply. The other advantage is that your code breaks when the actor updates the capability. That means I can track them. In one of my other blog posts, I described how I tracked two highly active malware families, Remcos and Emotet, for months. It is for fun and profit.
In a world full of threats that target indiscriminately every bit and byte of our society, it is curial to have decent intelligence and respond accordingly. These threats often use specialized tools, named malicious software or malware, to achieve from cybercrime to espionage and destructive purposes. In this cat and mouse game, VirusTotal, which was created in 2004, has become the source of malware intelligence, and it provides myriads of information. By the platform's maturation, it has gained advanced capabilities that the analyst uses to enlighten the knowledge gaps.