3 Posts Tagged as automation

Building Pipelines with PassiveTotal

One of the most powerful features in PassiveTotal is the ability to monitor infrastructure and receive alerts when something changes. We’ve covered how to deploy monitors in previous postings and videos, but have never shown how they could be used for follow-up actions. By combining the notifications and monitors API from the account endpoints, it’s easy to create an automated system to block or publish threat data.

Crimeware Focus

Over the past few


Bring PassiveTotal Directly to Splunk

Users have asked, and now it's here.

With the all-new PassiveTotal App for Splunk, organizations can now bring context to external threats, analyze attack data, and correlate that information with their internal event data to pinpoint and remediate threats—all in one place.

How does it work?


To automate security investigations into suspicious domains or IP addresses, the PassiveTotal App for Splunk searches the large and diverse


PassiveTotal Hubot 2.0

It’s hard to believe, but just nine months ago, we rolled out our first version of Hubot scripts using Slack as an example of how you could further your analysis. Back then, we were working with limited amounts of data and could only provide passive DNS. Today, we are in a much different place and felt it was time to really build out our bot capabilities. Released on our GitHub repository and the NPM
