EyeOnThreat™: Not Yet Another Threat Aggregator

The Lutech Cyber Threat Intelligence Team announces the release of the new Cyber Threat Intelligence service EyeOnThreat™.

What is EyeOnThreat™?

EyeOnThreat™ is a service for gathering, classifying, enriching and distributing, or giving access to, various types of intelligence information related to consolidated or emerging cyber threats, collected from multiple, non-homogeneous sources.

EyeOnThreat™ provides feed or API access to a relevant part of the Cyber Threat Intelligence information gathered, analyzed and released by:

  • Lutech ThreatOculus™ threat researchers and analysts team
  • Lutech ThreatCure™ breach detection and incident response team
  • Lutech ethical hacking and vulnerability research team
  • Multiple open and private sources

How does it work?

EyeOnThreat™ regularly scans thousands of open, public, private and Lutech proprietary sources, as well as data collected and analyzed by the Lutech Cyber Threat Intelligence and Breach Detection and Incident Response Services, looking for new indicators to be transformed into Cyber Threat Intelligence information useful for identifying and prioritizing cyber threats.

Its ability to handle non-homogeneous information lets it collect different types of information in a fast, reliable and unambiguous way. Each piece of information is enriched, classified and transformed to provide more details, so that it can be used as an Indicator of Compromise (IoC) and, more generally, as actionable intelligence. All collected data is saved in a single location, the EyeOnThreat™ Global Threat Database, and made available through EyeOnThreat™ Services.

How it can help you

EyeOnThreat™ can offer advantages both in automated processes for detecting and blocking malicious and unauthorized activities, and in manual analysis and investigation of computer incidents and cyber threats.

Access to the information in the Global Threat Database is guaranteed in a rapid and reliable way by a RESTful API system. Two access modes are currently available:

  • Cyber Threat Feed: Feed mode provides access to a dataset of information in CSV format, useful for the classification and prioritization of threats in automated detection and blocking mechanisms.
  • Cyber Threat Hunting: Hunting mode makes it possible to search for information and indicators stored in the database. Through this mode it is possible to investigate a given entity among those stored, looking for clues useful for detecting threats.

More information is available on the official website https://www.eyeonthre.at/ and in the GitHub project http://github.com/l-tms-cert/EyeOnThreat

You can try the EyeOnThreat™ services for free by signing up here.
