Free STIX 2.1 Threat Intel Feed

Built a threat intel platform that runs on $75/month infrastructure. Decided to give the STIX feed away for free instead of charging enterprise prices for it.

What’s in it:

– 59K IOCs (IPs, domains, hashes, URLs)
– ThreatFox, OTX, honeypot captures, and original discoveries
– STIX 2.1 compliant (works with Sentinel, TAXII consumers, etc.)
– Updated continuously

Feed URL: https://analytics.dugganusa.com/api/v1/stix-feed

Search API (if you want to query it): https://analytics.dugganusa.com/api/v1/search?q=cobalt+strike

We’ve been running this for a few months. Microsoft Sentinel and AT&T are already polling it. Found 244 things before CrowdStrike/Palo Alto had signatures for them (timestamped, documented).

Not trying to sell anything – genuinely curious if it’s useful and what we’re missing. Built it to scratch our own itch. Tear it apart.

submitted by /u/IwantAMD
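
For anyone evaluating a STIX 2.1 feed like this one before wiring it into a blocklist, the following is an added example (not code from the post or the platform) that sorts indicator patterns into the four IOC classes listed above and skips revoked, expired or compound entries. It assumes the feed returns a standard STIX 2.1 bundle of `indicator` objects; the sample bundle is constructed and abbreviated, and `extract_iocs` is a hypothetical helper name.

```python
import json
import re
from datetime import datetime, timezone

# Maps STIX cyber-observable types to the four IOC classes the post lists.
KINDS = {"ipv4-addr": "ip", "ipv6-addr": "ip", "domain-name": "domain",
         "url": "url", "file": "hash"}
# Single-comparison patterns only, e.g. [file:hashes.'SHA-256' = '...'].
SIMPLE = re.compile(r"\[([a-z0-9-]+):([\w.'-]+)\s*=\s*'([^']*)'\]")

def _parse_ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def extract_iocs(bundle_text, now=None):
    """Return (iocs_by_kind, skipped_count) for one STIX 2.1 bundle."""
    now = now or datetime.now(timezone.utc)
    iocs = {kind: set() for kind in set(KINDS.values())}
    skipped = 0
    for obj in json.loads(bundle_text).get("objects", []):
        if obj.get("type") != "indicator":
            continue  # malware, relationship, etc. carry no pattern
        m = SIMPLE.fullmatch(obj.get("pattern", "").strip())
        expired = "valid_until" in obj and _parse_ts(obj["valid_until"]) <= now
        if (obj.get("revoked") or expired or obj.get("pattern_type") != "stix"
                or not m or m.group(1) not in KINDS
                or (m.group(1) == "file") != m.group(2).startswith("hashes.")):
            skipped += 1  # stale, revoked or unparsed: count it, do not ingest
            continue
        kind, value = KINDS[m.group(1)], m.group(3)
        iocs[kind].add(value if kind == "url" else value.lower())
    return iocs, skipped

def _ind(pattern, **extra):  # builds a constructed indicator object
    return {"type": "indicator", "spec_version": "2.1", "pattern_type": "stix",
            "pattern": pattern, "valid_from": "2025-01-01T00:00:00Z", **extra}

# Constructed sample bundle; none of these values come from the feed.
SAMPLE_BUNDLE = json.dumps({"type": "bundle", "objects": [
    _ind("[ipv4-addr:value = '203.0.113.7']"),
    _ind("[domain-name:value = 'Bad.Example']"),
    _ind("[url:value = 'http://bad.example/Payload']"),
    _ind("[file:hashes.'SHA-256' = '" + "ab" * 32 + "']"),
    _ind("[ipv4-addr:value = '198.51.100.9']", revoked=True),
    _ind("[domain-name:value = 'old.example']",
         valid_until="2025-02-01T00:00:00Z"),
    _ind("[ipv4-addr:value = '192.0.2.1'] AND [url:value = 'http://x.example/']"),
    {"type": "malware", "name": "constructed-family", "is_family": True},
]})

if __name__ == "__main__":
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)
    found, skipped = extract_iocs(SAMPLE_BUNDLE, now)
    print({k: sorted(v) for k, v in found.items()}, "skipped:", skipped)
```

A steadily rising skipped count is itself worth alerting on, since it means the feed's pattern shapes have drifted away from what the consumer parses.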