OpenCTI または OpenAEV プラットフォームを 30 日間お試しいただけます。 無料トライアル
XTM Hub by Filigranサインイン
Rst Threat Feed logo

Rst Threat Feed

検証済み
Commercial Threat Intel

概要

The RST Threat Feed Connector integrates RST Cloud threat intelligence feeds into OpenCTI. This connector imports Indicators (IP, Domain, URL, Hash) with their relationships to malware, TTPs, tools, threat groups, sectors, CVE, and other objects. Thi

The RST Threat Feed Connector integrates RST Cloud threat intelligence feeds into OpenCTI. This connector imports Indicators (IP, Domain, URL, Hash) with their relationships to malware, TTPs, tools, threat groups, sectors, CVE, and other objects. This enhances the capability of OpenCTI by providing actionable threat intelligence data, allowing users to make informed decisions based on the latest information from (RST Threat Feed). The feed delivers approximately 200K indicators daily, with the ability to filter by score. Each indicator has an individual score, allowing OpenCTI to keep indicator scores updated when inactive indicators become active again (c2 went offline, a domain had no A DNS entry, a phishing website was not active, etc). Scoring is aligned with OpenCTI scoring algorithms and allows you to set a custom decay speed in your platform. RST Cloud and OpenCTI Scoring and Decay algorithms integration Data scored between 0 and 20 is typically considered noisy. Data with a score of 45+ is used in SIEMs for real-time detection, while data scored 55+ is used for active blocking. However, everyone can set their own thresholds to find the optimal balance for their needs. Data can be retrieved every hour or daily, depending on the use case. The feed includes multiple threat categories, such as:

基本情報

Rst Threat Feed
コネクター
External import
6.8.13
0

    当社は、XTM Hubの機能を動作させ、その利用状況を把握し、ユーザー体験を向上させるためにクッキーを使用しています。必須のクッキーは常に有効になっています。また、ユーザーの同意を得た上で、機能、パフォーマンス、分析、およびマーケティングを目的としたオプションのクッキーも使用しています。 すべてのクッキーを受け入れる、すべてを拒否する、または許可するオプションのクッキーを選択することができます。「クッキー設定」から、いつでも設定を変更できます。詳細については、当社のクッキーポリシーをご覧ください。