Threat Management
incident-response

Provides advanced external threat intelligence to help organizations proactively identify and mitigate potential security threats.

A free and open-source OSINT framework for gathering and analyzing data from various sources.

A repository to aid Windows threat hunters in looking for common artifacts.

Facilitating exchange of information and knowledge to collectively protect against cyberattacks.

A Splunk app mapped to MITRE ATT&CK to guide threat hunts.

IntelMQ

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.

OpenIOC editor for building and manipulating threat intelligence data with support for various systems.

HoneyDB

HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.

A collection of YARA rules for research and hunting purposes.

A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.

An informational repo about hunting for adversaries in your IT environment.

Curated datasets for developing and testing detections in SIEM installations.

A system for collecting, managing, and distributing security information on a large scale, developed by CERT Polska.

IPsum

Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.

Signature-based YARA rules for detecting and preventing threats within Linux, Windows, and macOS systems.

A tool for investigating incidents in which users clicked on email links or attachments and opened macro-enabled Word documents, using Sysmon.

Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.

A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.

A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.

A collection of companies that disclose adversary TTPs after being breached, useful for analysis of intrusions.

Strelka

Real-time, container-based file scanning system for threat hunting and incident response.

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Repository of APT-related documents and notes sorted by year.

Freely available network IOCs for monitoring and incident response.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.

A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.

A comprehensive and unrestricted dataset of security incidents for research and decision-making.

Cortex

Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.

The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.

A container of PCAP captures mapped to the relevant attack tactic.

Spyre

A simple, self-contained modular host-based IOC scanner for incident responders.

The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.

Open-source web app for storing and searching threat-actor-related data from users and public repositories.

Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.

Tools to export data from MISP MySQL database for post-incident analysis and correlation.