• SOCFortress Threat Intel API.
    Threat Intel made simple. The SOCFortress Threat Intel API is designed to be user-friendly and accessible to even the most non-technical users.
  • Security Operations
    Take your security operations to the next level: integrating the SOCFortress Threat Intel API into your security operations lets you quickly identify threats, and it integrates easily with your existing security tools.

Threat Intel - Events and relevant metadata checked against security feeds.

Indicators of Compromise - Recorded Events classified by Category and Type.

Indicators Of Compromise.

Public IP Addresses.

Public Hostnames.

File Hashes (SHA256).

Threat Intel - Several Integrations supported.

Graylog.

Wazuh Manager.

Threat Intel - Metadata and Source Events (Windows)

Sysmon Event 1 - Process Creation.

Sysmon Event 3 - Network Connection.

Sysmon Event 6 - Driver Loaded.

Sysmon Event 7 - Image Loaded.

Sysmon Event 15 - File Creation (Stream).

Sysmon Event 22 - DNS.

Wazuh Syscheck (File added to system).

Threat Intel - Metadata and Source Events (Linux).

Packetbeat.

OSQUERY.

Wazuh Syscheck (File added to system).

Threat Intel - Metadata and Source Events (Zeek Sensors).

Public IP Addresses - All Zeek Logs with valid metadata.

Public Hostnames - All Zeek Logs with valid metadata.

File Hashes (SHA256) - All Zeek Logs with valid metadata.