Threat Intelligence Integration Guideline
This guideline walks you through the process of enriching LogRhythm SIEM with Threat Intelligence Feeds from the Maltiverse Community TAXII Server, improving detection capabilities and helping to spotlight contacts with malicious IPs, Domains, URLs, or file hashes.
Register with Maltiverse and validate your email:
- Threat Provider Name: Maltiverse
- TAXII Collection Endpoint: https://api.maltiverse.com/taxii2/api/collections/
- Username: Your Email
- Password: Your Password
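As an added example (not Maltiverse or LogRhythm code), this Python snippet sorts the STIX indicator patterns from a TAXII collection response into the four IoC types named above: IPs, domains, URLs and file hashes. It assumes the server returns STIX indicators with simple `=` comparisons; the envelope, patterns and function names are constructed for illustration.

```python
import json
import re

# Constructed sample data (not real Maltiverse output): STIX patterns wrapped in a
# TAXII 2.1 envelope, the shape returned by GET <collection>/objects/.
PATTERNS = [
    "[ipv4-addr:value = '203.0.113.7']",
    "[domain-name:value = 'Bad.Example']",
    "[url:value = 'http://bad.example/a.php?x=1']",
    "[file:hashes.'SHA-256' = '" + "ab" * 32 + "']",
    "[domain-name:value = 'c2.example' OR ipv4-addr:value = '198.51.100.9']",
]
SAMPLE_ENVELOPE = json.dumps({"more": False, "objects": [
    {"type": "identity", "name": "constructed producer"},
    {"type": "indicator", "pattern_type": "snort", "pattern": "alert tcp any any -> any 80"},
    *({"type": "indicator", "pattern_type": "stix", "pattern": p} for p in PATTERNS),
]})

# One STIX comparison: <object-type>:<object-path> = '<literal>'
COMPARISON = re.compile(r"([a-z0-9-]+):([\w.'-]+)\s*=\s*'((?:[^'\\]|\\.)*)'")
BUCKETS = {"ipv4-addr": "ip", "ipv6-addr": "ip", "domain-name": "domain", "url": "url"}


def extract_iocs(envelope_json):
    """Return (IoC sets by type, number of indicators that yielded no mapped IoC)."""
    iocs = {"ip": set(), "domain": set(), "url": set(), "hash": set()}
    skipped = 0
    for obj in json.loads(envelope_json).get("objects", []):
        if obj.get("type") != "indicator":
            continue  # identities, relationships, etc. carry no pattern
        found = False
        # STIX 2.0 indicators have no pattern_type; their pattern is always STIX.
        if obj.get("pattern_type", "stix") == "stix":
            for obj_type, path, value in COMPARISON.findall(obj.get("pattern", "")):
                value = re.sub(r"\\(.)", r"\1", value)  # undo \' and \\ escapes
                if obj_type == "file" and path.startswith("hashes."):
                    iocs["hash"].add(value.lower())
                elif path == "value" and obj_type in BUCKETS:
                    kind = BUCKETS[obj_type]
                    iocs[kind].add(value.lower() if kind == "domain" else value)
                else:
                    continue  # comparison on a property this example does not map
                found = True
        skipped += not found  # count indicators that would add nothing to a list
    return iocs, skipped


if __name__ == "__main__":
    print(extract_iocs(SAMPLE_ENVELOPE))
```

The skipped count is worth watching after onboarding a feed: a high value means many indicators are not reaching the IP, domain, URL or hash lists.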
Covers the most active and prolific threats used by active organized cybercrime. It includes IoCs from diverse malware families in their different stages.
Covers actionable intelligence on advanced persistent threats (APTs) to help organizations protect themselves from highly skilled targeted attacks, including Nation-State actors.
80% of all security incidents start with a phishing email. Stay in shape by integrating the most complete phishing feed worldwide.
Malware Distribution Feed
This feed is a collection of IPs, Hostnames and URLs that are actively distributing malware. It improves the chances of detecting a security incident when an attack advances to the next stage.
Malicious URLs Feed
Covers malicious URLs, excluding phishing.
Malicious Hostnames Feed
Collection of malicious hostnames disregarding Domain Generation Algorithms.
Benefit: Stop Attacks faster
The Lockheed Martin Cyber Kill Chain® model is a strategic framework that identifies and combats cyber intrusions in seven stages. Adopting Threat Intelligence helps identify and mitigate threats at an early stage, and it can significantly decrease the potential impact on businesses.
CTA Trusted Members
Maltiverse is made by security experts with many years of experience protecting organizations, to make threat intelligence adoption a piece of cake. We share and consume Threat Intelligence from the top players in the Cybersecurity Industry as members of the Cyber Threat Alliance.