
ThreatMiner
ThreatMiner: A Comprehensive Threat Intelligence Portal
ThreatMiner is a threat intelligence portal specifically designed to help analysts conduct research using a unified interface.
It aggregates data from various open source feeds to enhance security insights
It collects and combines data from multiple open-source feeds and offers contextual information relevant to indicators of compromise (IOCs).
The portal enables analysts to conduct data research and analysis
The portal enables analysts to research, pivot, and enrich data. It also offers links to external resources for further information.
ThreatMiner uses a variety of open-source tools and data feeds, including IOCParser, APTNotes, CIRCL, VirusTotal, Malwr.com, Hybrid-Analysis, AlienVault OTX, ipinfo, Robtex, CleanMX, VirusShare, and Sinica.
It also performs native DNS enrichment
It also carries out native DNS enrichment through the use of native applications.
The portal aims to streamline analyst tasks
The portal aims to free analysts from the burden of data collection and offers a unified interface for performing various tasks, ranging from reading reports to pivoting and enriching data.