Open Source Intelligence Tech Specs
Open Source Intelligence does not require any licensing to use. Each source is updated automatically at the frequency shown in the middle column. Open Source Intelligence Enclaves do not include summary tables and attributes are not parsed.
Intelligence Source | Update Frequency | Indicators Retrieved |
BroadAnalysis | 15 min | DOMAIN, IP |
Abuse.ch SSL IP Blacklist | 15 min | IP, MALWARE, URL |
AIS - DHS | 15 min | See List 1 below |
EU-CERT | 15 min | See List 1 below |
Hail_a_Taxii | 60 min | See List 1 below |
Hybrid Analysis_Public Feed | 3 hours | MALWARE, MD5, SHA1, SHA256, URL |
Infosec Island | 15 min | *See list below |
Internet Storm Center (ISC) | 15 min | See List 1 below |
Malwarebytes | 15 min | MALWARE, SOFTWARE |
NIST NVD | 15 min | CVE, IP, Domain, URL |
PacketStorm | 15 min | See List 1 below |
Unit 42 (Palo Alto Networks) | 15 min | See List 1 below |
US-CERT | 15 min | See List 1 below |
List 1 Observables
- BITCOIN ADDRESSES
- CIDR BLOCK
- CVE
- EMAIL ADDRESS
- IP
- MALWARE
- MD5
- REGISTRY KEY
- SHA1 and SHA256
- SOFTWARE
- URL and DOMAIN