Open Source Intelligence Tech Specs

Updated 4 months ago by TruSTAR

Open Source Intelligence does not require any licensing to use. Each source is updated automatically at the frequency shown in the middle column. Open Source Intelligence Enclaves do not include summary tables and attributes are not parsed.  

Intelligence Source

Update Frequency

Indicators Retrieved

Abuse.ch IP Blacklist

15 min

IP, MALWARE, URL

BroadAnalysis

15 min

DOMAIN, IP

Abuse.ch Ransomware

15 min

IP, MALWARE, URL

Abuse.ch SSL Blacklist

15 min

IP, MALWARE, URL

AIS - DHS

15 min

See List 1 below

EU-CERT

15 min

See List 1 below

Hail_a_Taxii

60 min

See List 1 below

Hybrid Analysis_Public Feed

3 hours

MALWARE, MD5,

SHA1, SHA256, URL

Infosec Island

15 min

*See list below

Internet Storm Center (ISC)

15 min

See List 1 below

Malwarebytes

15 min

MALWARE, SOFTWARE

PacketStorm

15

See List 1 below

Unit 42 (Palo Alto Networks)

15 min

See List 1 below

US-CERT

15 min

See List 1 below

List 1 Observables

  • BITCOIN ADDRESSES
  • CIDR BLOCK
  • CVE
  • EMAIL ADDRESS
  • IP
  • MALWARE
  • MD5
  • REGISTRY KEY
  • SHA1 and SHA256
  • SOFTWARE
  • URL and DOMAIN


How Did We Do?