Tool for visualizing correspondences between YARA ruleset and samples
In the last couple of years, organizations have demonstrated an increased willingness to exchange information and knowledge regarding vulnerabilities, threats, incidents, and mitigation strategies in order to collectively protect against today’s sophisticated cyberattacks. As a reaction to this trend, software vendors started to create offerings that facilitate this exchange and appear under the umbrella term “Threat Intelligence Sharing Platforms”.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel.
A Splunk app mapped to MITRE ATT&CK to guide threat hunts.
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
A threat intelligence feed checker for domains, IPs, and hashes that queries IPVoid, URLVoid, VirusTotal, and Cymon.
A modular malware collection and processing framework with support for various threat intelligence feeds.