TheHive Project's Code Chefs are glad to announce that, thanks to the precious contributions of the user community, Cortex has broken the one hundred analyzer mark.

Cortex-Analyzers version 1.14.0 is out and includes new analyzers, some improvements and some bug fixes.

New and enhanced analyzers, described below, are:

- Cisco Investigate by Cisco Umbrella Research
- Proofpoint Forensics Lookup by Emmanuel Torquato
- Proofpoint Threat Insight Forensics Analyzer by Emmanuel Torquato
- RTF files support in FileInfo by Nils Kuhnert
- Datascan and Inetnum flavors in Onyphe analyzer by Pierre Baudry and Adrien Barchapt

Again, huge thanks for the awesome work that has been performed by all our contributors!

Investigate

Cisco Umbrella Investigate provides threat intelligence about domains and IP addresses across the Internet. The analyzer can be used to query the Cisco Umbrella (formerly OpenDNS) API and get information about an IP or a domain name. An API key is required to use this analyzer.

Results are displayed in TheHive in the following manner:

Cisco Investigate: short and long reports

Proofpoint Forensics Lookup

According to Proofpoint's website, the Forensics API provides insight into detailed forensic evidence about individual threats or campaigns. The analyzer can be used to check observables against given indicators of compromise stored in the Proofpoint service.

Unfortunately, there are currently no sample report screenshots available, because TheHive's Core Team does not have access to Proofpoint services. For the same reason, this analyzer could not be tested by us. If you have access to the service and can test the analyzer and/or provide report screenshots, please let us know.

This analyzer lets you get the latest risk data from RecordedFuture for a hash, domain or an IP address. It can be used to query the API and get information.