How To Integrate or Query My Public STIX STIX2 TAXII Threat Actor Specific Threat Intelligence Feed In Your Firewall or Security Solution - An Analysis
0
- Full list of solutions compatible with STIX STIX2 and TAXII
- EventLog Analyzer
- ThreatConnect
- Azure Sentinel
- Splunk
- Cisco
- Elemendar
- Cortex XSOAR
- TrendMicro
- ArcSight
- Microsoft Sentinel
- EventTracker
- Plixer Scrutinizer
- Sumo Logic
- Kaspersky CyberTrace
- ServiceNow
- CheckPoint ThreatCloud
- Carbon Black EDR
- Cisco Email Gateway
- ThreatConnect
- LogPoint
- Tanium
- Symantec
- LogRhythm
- Infoblox
- Cloudera
This is Dancho. Big news! I've decided to make approximately 15 years of active and unique threat actor specific research publicly accessible online for free using the OpenCTI STIX STIX2 TAXII platform and not only convert all the cool and juicy and full of never-published and discussed before niche threat actors both internationally and in Russia but also make them into a free STIX STIX2 TAXII threat intelligence feed and turn them into a machine readable format with the idea to centralize and speed up the communication of my research and potentially allow you to better catch up improve your situational awareness and learn new things about the international bad guys including the bad guys in Russia including their Internet infrastructure and catch up with who they are and what are some of their latest campaigns in the world of fighting cybercrime.
Your Lifetime API Key: f8aa0cca-a0ac-4eff-9c03-1c86ad7aee93
Users of Anomali ThreatStream, LogRhythm, Palo Alto MineMeld, TruSTAR TAXII Server including Trend Micro Vision One or Cortex XSOAR and basically anyone using STIX STIX2 and TAXII in their security solution can now freely grab and explore my historical threat actor specific research including to actually pull some of my latest research which I produce every day for free.
Here are the details:
Portal: https://ddanchev.ngrok.io
API: https://ddanchev.ngrok.io/graphql
API Documentation: https://luatix.notion.site/GraphQL-API-cfe267386c66492eb73924ef059d6d59
API Client: https://opencti-client-for-python.readthedocs.io/en/3.3.0/pycti/pycti.html
API requirements: https://github.com/amr-cossi/opencti-maltego/blob/master/config.py.sample
TAXII Collection: https://ddanchev.ngrok.io/taxii2/root/collections/c2259b20-9c60-4ddd-8931-8de970440f06/objects
Bearer Token Authentication Required: https://github.com/OpenCTI-Platform/opencti/issues/1198
Maltego transforms available: - https://www.maltego.com/downloads/ - https://www.maltego.com/transform-hub/opencti/ - https://www.maltego.com/transform-hub/stix/
Sample screenshots:
Stay tuned!
Continue reading →
Dancho Danchev's Second Edition of "Cybercrime Forum Data Set for 2022" Available - 113GB Direct Torrent Download Available! Grab a Free Copy Today!
0
https://academictorrents.com/details/131080b57d568ca3d05794cde5a3d7774f890373 - Dancho Danchev's Research Compilation 2005-2022 - Direct Torrent Download Available!
https://academictorrents.com/details/e1b755efb9cb7ec5d5bcea4e60911e2a70a86201 - Dancho Danchev's Cybercrime Forum Data Set for 2022 - Second Edition - Direct Torrent Download Available!
https://academictorrents.com/download/131080b57d568ca3d05794cde5a3d7774f890373.torrent - Dancho Danchev's Research Compilation 2005-2022 - Direct Torrent Download Available!
https://academictorrents.com/download/e1b755efb9cb7ec5d5bcea4e60911e2a70a86201.torrent - Dancho Danchev's Cybercrime Forum Data Set for 2022 - Second Edition - Direct Torrent Download Available!
The compilation is also available here:
https://www.kaggle.com/danchodanchev/dancho-danchevs-cybercrime-forum-data-set-torrent
Stay tuned!
Continue reading →
Folks,
Do you remember who I am? Do you need to do a historical check on the security industry including me as an individual including my personal blog and all the socially-oriented work and contributors that I've made to the industry during the past ten years? If an image is worth a thousand words consider going through these images which I just found and took photos of and guess what - brace yourselves for the ultimate reality where I've officially spend over two decades actively working and researching the security industry.
What's my idea to publish these images? My personal goal and motivation is to make it clear and to ensure that my readers truly know what I've been up to in terms of challenges and all the hard work that I've done and achieved over the past twenty years in the security industry when I was basically a teenage hacker enthusiast that many folks and friends remember from back in the 90's.
Grab a copy of these images and keep them just in case they vanish somewhere or just in case and always remember to say "hi" or "keep up the good work" in a personal message or using email. It will be greatly appreciated. Don't forget - "The Best is Yet to Come".
Sample personal photos of Dancho Danchev's personal career experience in the world of hacking/information security/computer and network security/cybercrime research/security blogging/OSINT and threat intelligence analysis up to present day where you can check my company site here - https://disruptive-individuals.com my CV here - http://disruptive-individuals.com/wp-content/uploads/2021/11/Dancho_Danchev_CV_2021.pdf my Twitter account here - https://twitter.com/dancho_danchev my Medium account here - https://medium.com/@danchodanchev my YouTube channel here - https://www.youtube.com/channel/UCH2ocTnppIEoLqGAUG4cm3Q my Archive.org compilation of research here - https://archive.org/details/@ddanchev including my Keynote on tracking down and monitoring of the Koobface botnet here - https://www.youtube.com/watch?v=hgQ_nxoMXzY and don't forget to send all your friends a link to this post including to my front page at - https://ddanchev.blogspot.com/ include the following photos:
Stay tuned!
Continue reading →
RSS Feed