Open/Closed Source Feeds FAQ

Updated 2 weeks ago by Elvis Hovor

TypeFrequencyIntel SourceIndicators Queried
OSINTEvery 3 hoursEU-CERTALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
Hail_a_TaxiiALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
Hybrid Analysis_Public FeedURL, MD5, SHA1, SHA256, MALWARE
BambenekIP, MALWARE
Abuse.ch RansomwareIP, URL, MALWARE
Abuse.ch ssl BlacklistIP, URL, MALWARE
Abuse.ch IP BlacklistIP, URL, MALWARE
AIS - DHSSTIX/TAXII - ALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
Closed SourcesEvery 15 minIBM XForceIP, URL, MD5, SHA1, SHA256
Digital ShadowsIP, URL, MD5, SHA1
VirusTotalIP, URL, MD5, SHA1, SHA256
CrowdstrikeIP, URL, MD5, SHA1, SHA256, MALWARE
Alien Vault OTXIP, URL, MD5, SHA1, SHA256, CVE
FBTXIP, URL, MD5, SHA1, SHA256, EMAIL ADDRESS

HybridAnalysisURL, MD5, SHA1, SHA256, MALWAR
RiskIQ PassiveTotalIP, DOMAIN, URL, DOMAIN, EMAIL ADDRESS
RSS FeedsEvery 6 hoursUS-CERTALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
ISCALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
PacketstormALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
InfosecIslandALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
Unit 42ALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
Malware BytesSOFTWARE, MALWARE
BroadAnalysisIP, DOMAIN
Listservs/ISACsEvery 2 hoursFS-ISACALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
R-CISCALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
EmailsEvery 20 minsEmail IngestALL - IP, URL, MD5, SHA1, SHA256, CVE, DOMAIN, BITCOIN ADDRESSES, SOFTWARE, EMAIL ADDRESS, CIDR BLOCK, REGISTRY KEY and MALWARE
Others2 PM UTCCyberSourceIP, URL, DOMAIN, EMAIL ADDRESS

How Did We Do?