As analysts, one of the biggest challenges in dealing with malicious actors is maintaining insight into their operations. It's nearly impossible to know when an actor may decide to change their infrastructure and even more difficult for us to keep tabs on every domain or IP address they control. But what if you could get alerted to those changes automatically? Starting today, PassiveTotal users can now monitor infrastructure of interest and receive alerts when we
8 Posts Tagged as features
Ever find yourself coming across familiar-looking infrastructure, but can't remember where, why or when you saw it? More importantly, are you able to remember whether it was good, bad or just a figment of your imagination? Yeah, we've been there too, and that's one of the primary reasons PassiveTotal included the ability for analysts to classify a domain or IP address within the platform.
When responding to incidents, client requests or what feels
With an ever-increasing number of cyber attacks, it’s imperative that organizations have a way to facilitate sharing of attack data in order to defend themselves. Rather than re-create yet another solution, we decided to team up with Facebook and provide a visual interface on top of their ThreatExchange product. Starting today, members of the exchange will now be able to send and receive data stored in ThreatExchange directly from the PassiveTotal platform.
Last week we announced the addition of a new, free data source inside of PassiveTotal, Open Source Intelligence (OSINT). The source has already paid dividends in saving us time and helping add more context, but it wasn’t until last night, while reviewing RSA’s GlassRAT report, that it really sank in how much this simple overlay could augment the analyst workflow.
Whenever we observe a new report or blog post with indicators, we make
If you spend enough time in the field, you slowly start to forget what’s common knowledge versus what you pick up in the trenches or the day-to-day. Information security is no exception to this rule, and yet it’s so easy to forget, even when creating a product for analysts. As you log in to the platform or use the API, it’s likely that you’ll now see a couple of tags you haven’t added.