Addon marketplace

RST Threat Feed

The ultimate source of comprehensive knowledge about cybersecurity threats from all over the world in a ready-to-use format and the ability to enrich data using our APIs

The RST Threat Feed service collects actual knowledge about threats from various TI sources. It normalises, filters, enriches and scores the data to share it with your security team and integrate with Maxpatrol SIEM.

What makes us different

IoC normalisation, filtering and standardisation when collecting indicators: • data is normalised and is stored in one format • all malware names are unified • noise is filtered (MS Updates, CDPs, Well-known IPs, etc.)

Content enrichment: • all context data is parsed and normalised • lots of additional enrichment mechanisms • dedicated Whois API for domain data

Content and categorization: • more than 20 malware categories • Industry Tagging • 250k+ unique indictors per day • Related indicators and CVEs • ASN (Org, Number of domains registered) and URL verification • References to the sources and related indicators

Product
MaxPatrol SIEM
Category
Solutions
Tags
  • TI·