Intel Owl
IntelOwl is an Open Source solution for management of Threat Intelligence at scale. It integrates a number of analyzers available online and a lot of cutting-edge malware analysis tools. Features: * Enrichment of Threat Intel for files as well as observables (IP, Domain, URL, hash, etc). * A Fully-fledged REST APIs written in Django and Python. * An easy way to be integrated in your stack of security tools to automate common jobs usually performed, for instance, by SOC analysts manually. * (Thanks to the official libraries pyintelowl and go-intelowl) * A built-in GUI: provides features such as dashboard, visualizations of analysis data, easy to use forms for requesting new analysis, etc. * A framework composed of modular components called Plugins: analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from scratch.
FEATURES
SIMILAR TOOLS
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
Globally-accessible knowledge base of adversary tactics and techniques for cybersecurity.
A summary of the threat modeling posts and final thoughts on the process
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.