Producer
List of threat intelligence producer from security vendors to CERTs including any producer of intelligence at large.
Authors
| Authors and/or Contributors |
|---|
| Various |
Intel471
Intel 471 provides adversary and malware intelligence for leading security teams. Our adversary intelligence is focused on infiltrating access to closed sources where threat actors collaborate, communicate and plan cyber attacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malicious infrastructure.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Intel471.
| Known Synonyms |
|---|
Intel 471 |
Intel 471 Inc. |
Internal MISP references
UUID 306bc923-3200-47e3-ade9-50ffc41f668c which can be used as unique global reference for Intel471 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| country | US |
| official-refs | ['https://intel471.com/'] |
| product-type | ['intelligence-feed-provider'] |
| products | ['Malware Intelligence', 'Vulnerability Intelligence'] |
Sophos
Sophos Ltd. is a British-based security software and hardware company. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Sophos.
| Known Synonyms |
|---|
Sophos LTD |
Internal MISP references
UUID 455b9e40-e8dd-443b-87b3-c70bd09b4231 which can be used as unique global reference for Sophos in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| country | UK |
| official-refs | ['https://www.sophos.com/'] |
| product-type | ['antivirus-vendor'] |
| products | ['Endpoint'] |
Group-IB
Group-IB is a creator of cybersecurity technologies to investigate, prevent and fight digital crime
Internal MISP references
UUID 21afba9e-cd2a-45c9-b421-b1f14fd181e9 which can be used as unique global reference for Group-IB in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| official-refs | ['https://www.group-ib.com/'] |
| product-type | ['Threat Intelligence', 'Attack Surface Management', 'Fraud Protection', 'Digital Risk Protection', 'Managed XDR', 'Business Email Protection'] |
| products | ['Unified Risk Platform'] |
Mandiant
Mandiant is an American cybersecurity firm and a subsidiary of Google.
Internal MISP references
UUID da5cdcd1-7b15-4371-b7eb-ca32916d2052 which can be used as unique global reference for Mandiant in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Information security'] |
| country | US |
| official-refs | ['https://www.mandiant.com/'] |
| product-type | ['Proactive Exposure Management', 'Government', 'Digital Risk Protection', ' Ransomware Protection'] |
| products | ['OpenIOC'] |
Spycloud
Thread intelligence provider focusing on data leaks
Internal MISP references
UUID ad99da77-986b-45bc-a7b0-c1887dd55b59 which can be used as unique global reference for Spycloud in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://spycloud.com'] |
| product-type | ['Post-Infection Remediation', 'Ransomware Prevention', 'Automated ATO Prevention', 'Session Hijacking Prevention', 'Threat Actor Attribution', 'Fraud Prevention'] |
Domaintools
DomainTools is a leading provider of Whois and other DNS profile data for threat intelligence enrichment.
Internal MISP references
UUID 993c6a36-b625-4a1f-8737-72ba5a197744 which can be used as unique global reference for Domaintools in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Threat Intelligence'] |
| country | US |
| official-refs | ['https://www.domaintools.com/'] |
| products | ['Iris Intelligence Platform', 'Farsight DNSDB', 'Threat Intelligence Feeds'] |
Feedly
Feedly is an AI-powered news aggregator application for various web browsers and mobile devices running iOS and Android. It is also available as a cloud-based service.
Internal MISP references
UUID 4e7c737a-4912-488a-8571-1f9226ebad05 which can be used as unique global reference for Feedly in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| official-refs | ['https://feedly.com/homepage'] |
| product-type | ['Threat Intelligence'] |
Networksdb.io
Database of public networks, IP addresses and domain names owned by companies and organisations worldwide.
Internal MISP references
UUID 17fec4c4-3822-4198-9735-cee04aa51305 which can be used as unique global reference for Networksdb.io in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| official-refs | ['https://networksdb.io/'] |
Censys
Compagny providing comprehensive dataset of internet intelligence
Internal MISP references
UUID 101ca178-12c8-4488-b234-93f263e30b1a which can be used as unique global reference for Censys in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://censys.com/', 'https://censys.io/'] |
| products | ['Censys Search', 'Exposure Management', 'The Censys Internet Map', 'Integrations'] |
DomainIQ
DomainIQ is an internet research tool providing information about a domain name, its owner, the server it's hosted on, its ownership history, similar domains and more.
Internal MISP references
UUID 3f79697b-63d8-4c86-aabf-84df1f03c43d which can be used as unique global reference for DomainIQ in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://www.domainiq.com'] |
Arctic
Computer and Network Security
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Arctic.
| Known Synonyms |
|---|
Arctic Security |
Internal MISP references
UUID 542f8890-128b-42ca-97f9-8fe2af7ab783 which can be used as unique global reference for Arctic in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Computer and Network Security'] |
| country | FI |
| official-refs | ['https://www.arcticsecurity.com/'] |
Bitsight
BitSight is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions.
Internal MISP references
UUID 1e98d9ac-0ef1-4046-bf9f-7c905a56ba90 which can be used as unique global reference for Bitsight in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://www.bitsight.com'] |
RiskIQ
RiskIQ, Inc. is a cyber security company that was based in San Francisco, California. It provided cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats. RiskIQ was acquired by Microsoft in July 2021.
Internal MISP references
UUID 9f279581-5514-42cd-8011-05af9787ee37 which can be used as unique global reference for RiskIQ in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security company'] |
| country | US |
| official-refs | ['https://community.riskiq.com/'] |
| product-type | ['Threat detection'] |
Sweepatic
Sweepatic is a cybersecurity company
Internal MISP references
UUID c9bd796a-8b73-42ab-8abe-0016292f5528 which can be used as unique global reference for Sweepatic in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security vendor'] |
| country | BE |
| official-refs | ['https://www.sweepatic.com'] |
| product-type | ['EASM platform'] |
Team Cymru
Team Cymru is an internet security firm that offers research services making the internet a more secure place.
Internal MISP references
UUID 8a22c0b2-d05f-4142-ab74-ffdf38fe4758 which can be used as unique global reference for Team Cymru in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security vendor'] |
| country | US |
| official-refs | ['https://www.team-cymru.com/'] |
| product-type | ['Threat Intelligence Solutions', 'Attack Surface Management Solution', 'Threat Feeds'] |
| products | ['Pure Signal™ Recon', 'Pure Signal™ Scout', 'Pure Signal™ Orbit', 'IP Reputation Feed', 'Controller Feed', 'Botnet Analysis & Reporting'] |