Producer
List of threat intelligence producer from security vendors to CERTs including any producer of intelligence at large.
Authors
| Authors and/or Contributors |
|---|
| Various |
Intel471
Intel 471 provides adversary and malware intelligence for leading security teams. Our adversary intelligence is focused on infiltrating access to closed sources where threat actors collaborate, communicate and plan cyber attacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malicious infrastructure.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Intel471.
| Known Synonyms |
|---|
Intel 471 |
Intel 471 Inc. |
Internal MISP references
UUID 306bc923-3200-47e3-ade9-50ffc41f668c which can be used as unique global reference for Intel471 in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| country | US |
| official-refs | ['https://intel471.com/'] |
| product-type | ['intelligence-feed-provider'] |
| products | ['Malware Intelligence', 'Vulnerability Intelligence'] |
Sophos
Sophos Ltd. is a British-based security software and hardware company. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Sophos.
| Known Synonyms |
|---|
Sophos LTD |
Internal MISP references
UUID 455b9e40-e8dd-443b-87b3-c70bd09b4231 which can be used as unique global reference for Sophos in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| country | UK |
| official-refs | ['https://www.sophos.com/'] |
| product-type | ['antivirus-vendor'] |
| products | ['Endpoint'] |
Group-IB
Group-IB is a creator of cybersecurity technologies to investigate, prevent and fight digital crime
Internal MISP references
UUID 21afba9e-cd2a-45c9-b421-b1f14fd181e9 which can be used as unique global reference for Group-IB in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| official-refs | ['https://www.group-ib.com/'] |
| product-type | ['Threat Intelligence', 'Attack Surface Management', 'Fraud Protection', 'Digital Risk Protection', 'Managed XDR', 'Business Email Protection'] |
| products | ['Unified Risk Platform'] |
Mandiant
Mandiant is an American cybersecurity firm and a subsidiary of Google.
Internal MISP references
UUID da5cdcd1-7b15-4371-b7eb-ca32916d2052 which can be used as unique global reference for Mandiant in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Information security'] |
| country | US |
| official-refs | ['https://www.mandiant.com/'] |
| product-type | ['Proactive Exposure Management', 'Government', 'Digital Risk Protection', ' Ransomware Protection'] |
| products | ['OpenIOC'] |
Spycloud
Thread intelligence provider focusing on data leaks
Internal MISP references
UUID ad99da77-986b-45bc-a7b0-c1887dd55b59 which can be used as unique global reference for Spycloud in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://spycloud.com'] |
| product-type | ['Post-Infection Remediation', 'Ransomware Prevention', 'Automated ATO Prevention', 'Session Hijacking Prevention', 'Threat Actor Attribution', 'Fraud Prevention'] |
Domaintools
DomainTools is a leading provider of Whois and other DNS profile data for threat intelligence enrichment.
Internal MISP references
UUID 993c6a36-b625-4a1f-8737-72ba5a197744 which can be used as unique global reference for Domaintools in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Threat Intelligence'] |
| country | US |
| official-refs | ['https://www.domaintools.com/'] |
| products | ['Iris Intelligence Platform', 'Farsight DNSDB', 'Threat Intelligence Feeds'] |
Feedly
Feedly is an AI-powered news aggregator application for various web browsers and mobile devices running iOS and Android. It is also available as a cloud-based service.
Internal MISP references
UUID 4e7c737a-4912-488a-8571-1f9226ebad05 which can be used as unique global reference for Feedly in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| official-refs | ['https://feedly.com/homepage'] |
| product-type | ['Threat Intelligence'] |
Networksdb.io
Database of public networks, IP addresses and domain names owned by companies and organisations worldwide.
Internal MISP references
UUID 17fec4c4-3822-4198-9735-cee04aa51305 which can be used as unique global reference for Networksdb.io in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| official-refs | ['https://networksdb.io/'] |
Censys
Compagny providing comprehensive dataset of internet intelligence
Internal MISP references
UUID 101ca178-12c8-4488-b234-93f263e30b1a which can be used as unique global reference for Censys in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://censys.com/', 'https://censys.io/'] |
| products | ['Censys Search', 'Exposure Management', 'The Censys Internet Map', 'Integrations'] |
DomainIQ
DomainIQ is an internet research tool providing information about a domain name, its owner, the server it's hosted on, its ownership history, similar domains and more.
Internal MISP references
UUID 3f79697b-63d8-4c86-aabf-84df1f03c43d which can be used as unique global reference for DomainIQ in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://www.domainiq.com'] |
Arctic
Computer and Network Security
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Arctic.
| Known Synonyms |
|---|
Arctic Security |
Internal MISP references
UUID 542f8890-128b-42ca-97f9-8fe2af7ab783 which can be used as unique global reference for Arctic in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Computer and Network Security'] |
| country | FI |
| official-refs | ['https://www.arcticsecurity.com/'] |
Bitsight
BitSight is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions.
Internal MISP references
UUID 1e98d9ac-0ef1-4046-bf9f-7c905a56ba90 which can be used as unique global reference for Bitsight in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://www.bitsight.com'] |
RiskIQ
RiskIQ, Inc. is a cyber security company that was based in San Francisco, California. It provided cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats. RiskIQ was acquired by Microsoft in July 2021.
Internal MISP references
UUID 9f279581-5514-42cd-8011-05af9787ee37 which can be used as unique global reference for RiskIQ in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security company'] |
| country | US |
| official-refs | ['https://community.riskiq.com/'] |
| product-type | ['Threat detection'] |
Sweepatic
Sweepatic is a cybersecurity company
Internal MISP references
UUID c9bd796a-8b73-42ab-8abe-0016292f5528 which can be used as unique global reference for Sweepatic in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security vendor'] |
| country | BE |
| official-refs | ['https://www.sweepatic.com'] |
| product-type | ['EASM platform'] |
Team Cymru
Team Cymru is an internet security firm that offers research services making the internet a more secure place.
Internal MISP references
UUID 8a22c0b2-d05f-4142-ab74-ffdf38fe4758 which can be used as unique global reference for Team Cymru in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security vendor'] |
| country | US |
| official-refs | ['https://www.team-cymru.com/'] |
| product-type | ['Threat Intelligence Solutions', 'Attack Surface Management Solution', 'Threat Feeds'] |
| products | ['Pure Signal™ Recon', 'Pure Signal™ Scout', 'Pure Signal™ Orbit', 'IP Reputation Feed', 'Controller Feed', 'Botnet Analysis & Reporting'] |
G DATA
G Data CyberDefense AG (until September 2019 G Data Software AG) is a German software company that focuses on computer security.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular G DATA.
| Known Synonyms |
|---|
G Data CyberDefense AG |
G Data Software AG |
GDATA |
Internal MISP references
UUID 2b69f676-c875-4000-8350-5f162e69d908 which can be used as unique global reference for G DATA in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Computer software'] |
| country | DE |
| official-refs | ['https://www.gdata-software.com', 'https://www.gdatasoftware.co.uk'] |
| product-type | ['Antivirus software', 'Mobile Device Management'] |
| products | ['AntiVirus', 'InternetSecurity', 'TotalSecurity', 'AntiVirus for Mac', 'AntiVirus Business', 'AntiVirus Enterprise', 'ClientSecurity Business', 'ClientSecurity Enterprise', 'EndpointProtection Business', 'EndpointProtection Enterprise', 'MailSecurity', 'PatchManagement', 'Mobile Security', 'VPN'] |
Sekoia
Sekoia.io is a European cybersecurity SAAS company, whose mission is to develop the best protection capabilities against cyber attacks.
Internal MISP references
UUID 6c9ef130-7cf6-4eeb-9e65-46228fc5e30c which can be used as unique global reference for Sekoia in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber Security Vendor'] |
| country | FR |
| official-refs | ['https://www.sekoia.io'] |
| product-type | ['eXtended Detection and Response SaaS platform'] |
| products | ['SIEM RELOADED |
Excellium
Excellium Services Group is a cyber-security consulting and technology Integration Company established since 2012 in Luxemburg and Belgium, with activities and in France and Africa.
Internal MISP references
UUID 73ae2776-3700-4120-84ae-7e9785e6071b which can be used as unique global reference for Excellium in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Cyber-security consulting and technology Integration Company', 'CSIRT'] |
| country | LU |
| official-refs | ['https://excellium-services.com'] |
| product-type | ['CERT-XLM', 'SOC', 'GDPR Services', 'Information Security Governance', 'Intrusion Tests – Red Team (Application Security Team)', 'Network & Security Infrastructure', 'Training'] |
| products | ['EyeGuard', 'EyeTools', 'EyeDeep', 'EyeTLD', 'EyeNotify'] |
Telindus
Telindus is a brand of Proximus Luxembourg SA. Founded in 1979, Telindus Luxembourg accompanies all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored support services. Our areas of expertise include Telecommunication Services, ICT Infrastructure, Multi-Cloud, Digital Trust Solutions, Cybersecurity, Business Applications, Managed Services and Training.
Internal MISP references
UUID 4155eec3-fae2-4e80-a9a6-89b0f976851a which can be used as unique global reference for Telindus in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Service Provider'] |
| country | LU |
| official-refs | ['https://www.telindus.lu/en'] |
| product-type | ['Ethical Hacking', 'Infrastructure Security', 'Managed Security Services', 'Protection, Detection and Orchestration', 'Security Operations Center', 'Strategy, risk, management and advice', 'ICT solutions', 'Telecoms', 'Cloud'] |
BleepingComputer
Bleeping Computer is a website covering technology news and offering free computer help via its forums that was created by Lawrence Abrams in 2004. It publishes news focusing heavily on cybersecurity, but also covers other topics including computer software, computer hardware, operating system and general technology.
Internal MISP references
UUID ec3fb9b0-4f24-4099-ad48-3e8f68e88275 which can be used as unique global reference for BleepingComputer in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| company-type | ['Technology news and computer help'] |
| country | US |
| official-refs | ['https://www.bleepingcomputer.com/'] |
| product-type | ['Security and Technology Blog Posts'] |
Cisco Talos Intelligence Group
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Cisco Talos Intelligence Group.
| Known Synonyms |
|---|
Cisco Talos |
Internal MISP references
UUID 0adf6f0f-3795-4de1-9763-1bdd1c31a5d7 which can be used as unique global reference for Cisco Talos Intelligence Group in MISP communities and other software using the MISP galaxy
External references
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
Europol
Headquartered in The Hague, the Netherlands, Europol’s mission is to support its Member States in preventing and combating all forms of serious international and organised crime, cybercrime and terrorism. Europol also works with many non-EU partner states and international organisations.
Internal MISP references
UUID f6eae887-7ee4-4999-a909-5eef291c40cc which can be used as unique global reference for Europol in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | NL |
| official-refs | ['https://www.europol.europa.eu/'] |
ESET
ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe and provide security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages. The company was founded in 1992 in Bratislava, Slovakia.
Internal MISP references
UUID 3a43aca5-6366-4168-b182-a8afec4550b5 which can be used as unique global reference for ESET in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | SK |
| official-refs | ['https://www.eset.com', 'https://www.welivesecurity.com'] |
Tencent
Tencent is a world-leading internet and technology company that develops innovative products and services to improve the quality of life of people around the world. Founded in 1998 with its headquarters in Shenzhen, China, Tencent's guiding principle is to use technology for good. Our communication and social services connect more than one billion people around the world, helping them to keep in touch with friends and family, access transportation, pay for daily necessities, and even be entertained. Tencent also publishes some of the world's most popular video games and other high-quality digital content, enriching interactive entertainment experiences for people around the globe. Tencent also offers a range of services such as cloud computing, advertising, FinTech, and other enterprise services to support our clients' digital transformation and business growth. Tencent has been listed on the Stock Exchange of Hong Kong since 2004.
Internal MISP references
UUID 62e24285-103e-404e-b070-8b7fe59f5767 which can be used as unique global reference for Tencent in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | CN |
| official-refs | ['https://www.tencent.com', 'https://mp.weixin.qq.com'] |
Kaspersky
Kaspersky Lab (/kæˈspɜːrski/; Russian: Лаборатория Касперского, romanized: Laboratoriya Kasperskogo) is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Kaspersky.
| Known Synonyms |
|---|
Kaspersky Lab |
Лаборатория Касперского |
Internal MISP references
UUID 0d4886f9-97e1-4cb2-8822-580fd09540e5 which can be used as unique global reference for Kaspersky in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | RU |
| official-refs | ['https://www.kaspersky.com', 'https://securelist.com'] |
Palo Alto
Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Palo Alto.
| Known Synonyms |
|---|
Palo Alto Networks |
Palo Alto Unit 42 |
Internal MISP references
UUID e9491d3b-2174-47d6-8a15-ecec552d16ae which can be used as unique global reference for Palo Alto in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://www.paloaltonetworks.com', 'https://unit42.paloaltonetworks.com'] |
Trend Micro
Trend Micro Inc. (トレンドマイクロ株式会社, Torendo Maikuro Kabushiki-Gaisha) is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, & cloud computing environments, networks, and end points.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Trend Micro.
| Known Synonyms |
|---|
トレンドマイクロ株式会社 |
Internal MISP references
UUID 3ac8f6fc-9c04-4ebd-bda2-788cc02fe4ed which can be used as unique global reference for Trend Micro in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | JP |
| official-refs | ['https://www.trendmicro.com'] |
AhnLab
AhnLab, Inc. offers industry-leading cyber security solutions and services for consumers, enterprises, and small and medium-sized businesses worldwide. Founded in 1995, AhnLab provides comprehensive protection for endpoint, cloud, network, and other services. With its headquarters in South Korea, the most wired country in the world, AhnLab has become a leading innovator of dynamic security solutions that counter cyber threats.
Internal MISP references
UUID 38847e35-166f-4025-a4bb-3e543058e353 which can be used as unique global reference for AhnLab in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | KR |
| official-refs | ['https://www.ahnlab.com'] |
Check Point
Check Point Software Technologies Ltd. is an American-Israeli multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management.
Internal MISP references
UUID adb3369a-5683-46b2-bceb-4dafa6526b21 which can be used as unique global reference for Check Point in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | IL |
| official-refs | ['https://www.checkpoint.com'] |
| synomyms | ['Check Point Software Technologies Ltd.', 'Check Point Software'] |
CERT-UA
The Computer Emergency Response Team of Ukraine (CERT-UA) is a specialized structural unit of the State Center for Cyber Defense of the State Service for Special Communications and Information Protection of Ukraine.
Internal MISP references
UUID b06fe596-eaa5-434a-88b8-5b21b1c8b60f which can be used as unique global reference for CERT-UA in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | UA |
| official-refs | ['https://cert.gov.ua'] |
Avast
Avast Software s.r.o. is a Czech multinational cybersecurity software company headquartered in Prague, Czech Republic, that researches and develops computer security software, machine learning, and artificial intelligence.
Internal MISP references
UUID 0a93886e-a0e8-4972-991d-9935bf6c1565 which can be used as unique global reference for Avast in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | CZ |
| official-refs | ['https://www.avast.com'] |
CISA
The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular CISA.
| Known Synonyms |
|---|
Cybersecurity and Infrastructure Security Agency |
Internal MISP references
UUID 7aa10919-06fd-46ec-88b8-e1cbf60f955c which can be used as unique global reference for CISA in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | US |
| official-refs | ['https://www.cisa.gov', 'https://www.us-cert.gov'] |
JPCERT
JPCERT/CC is the first CSIRT (Computer Security Incident Response Team) established in Japan. The organization coordinates with network service providers, security vendors, government agencies, as well as the industry associations. As such, it acts as a 'CSIRT of CSIRTs' in the Japanese community. In the Asia Pacific region, JPCERT/CC helped form APCERT (Asia Pacific Computer Emergency Response Team) and provides a secretariat function for APCERT. Globally, as a member of the Forum of Incident Response and Security Teams (FIRST), JPCERT/CC cooperates with the trusted CSIRTs worldwide.
Synonyms
"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular JPCERT.
| Known Synonyms |
|---|
JPCERT/CC |
Internal MISP references
UUID 3caca164-4600-42a2-b2f0-7a552a66e7b6 which can be used as unique global reference for JPCERT in MISP communities and other software using the MISP galaxy
Associated metadata
| Metadata key | Value |
|---|---|
| country | JP |
| official-refs | ['https://www.jpcert.or.jp'] |