One of the key features of Maltiverse is the ability to create customized Threat Intelligence feeds. In the Platform IoC Search view you can save a query as a Threat Intelligence Feed that contains all the IoCs matching this query over time. This documentation guides you through the process of creating a Threat Intelligence feed within the Maltiverse Platform.
It is important to note that a Maltiverse Platform Threat Intelligence feed contains only IoCs uploaded to Maltiverse Platform, not those from Maltiverse Intelligence.
Step 1: Access Platform Search
- Navigate to Platform Search view: Begin by locating the navigation menu on the left-hand side of the page. Click on “Platform Search” to access the Maltiverse Platform search engine. This is where you can input queries to find IoCs that match specific conditions or criteria.
Step 2: Write your Query
Write your query with the conditions you require. Keep in mind that feed membership is updated in real time: IoCs that no longer match the query are removed from the feed, and newly uploaded IoCs that match the query conditions are added to it.
Step 3: Create Threat Intelligence Feed
Save the Query as a Threat Intelligence Feed
- Click on the plus (+) button. A menu will appear.
- Select the “Threat Intel Feed” button to start the feed creation process.
- Complete the Form:
  - Name: Assign a name to your Threat Intelligence feed. Choose a name that is descriptive and easily identifiable.
  - Description: Provide a detailed description of your feed. This should include information about the type of IoCs it contains, its purpose, and any other relevant details that will help users understand its scope and use.
- After filling out the form, click “Save.”
Step 4: Access Your Threat Intelligence Feed
- View and Download: After saving, you will be redirected to the newly created Threat Intelligence feed view. Here, you can review the contents of your feed, download it, or integrate it into your security infrastructure using any of the technologies available in the Maltiverse integration catalogue.
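Because the feed drops IoCs that stop matching the query (Step 2), a downstream copy built from downloads has to be reconciled, not just appended to. The following is an added example, not Maltiverse code: it assumes the downloaded feed is plain text with one indicator per line, and the snapshots, function names and removal threshold are constructed for illustration.

```python
# Added example: mirror successive feed downloads into a local blocklist.
# Assumption: the download is plain text, one indicator per line.

# Constructed sample downloads (documentation-range addresses and domains).
SNAPSHOT_T1 = "192.0.2.10\n198.51.100.7\nbad.example.com\n"
SNAPSHOT_T2 = "192.0.2.10\nbad.example.com\n\n203.0.113.5\n"
SNAPSHOT_TRUNCATED = ""  # e.g. a failed or cut-off download


def parse_feed(text):
    """Return the set of indicators in a downloaded feed, skipping blanks."""
    return {line.strip() for line in text.splitlines() if line.strip()}


def reconcile(local, snapshot, max_removal_ratio=0.5):
    """Return (to_add, to_remove) so that `local` mirrors `snapshot`.

    If the removals would drop more than `max_removal_ratio` of the local
    entries, raise instead: that pattern looks more like a truncated
    download than a genuine change in what the query matches.
    """
    to_add = snapshot - local
    to_remove = local - snapshot
    if local and len(to_remove) / len(local) > max_removal_ratio:
        raise ValueError(
            f"refusing to remove {len(to_remove)} of {len(local)} indicators"
        )
    return to_add, to_remove


def sync(local, feed_text, max_removal_ratio=0.5):
    """Apply one downloaded snapshot and return the updated local set."""
    to_add, to_remove = reconcile(local, parse_feed(feed_text), max_removal_ratio)
    return (local | to_add) - to_remove


if __name__ == "__main__":
    blocklist = sync(set(), SNAPSHOT_T1)
    added, removed = reconcile(blocklist, parse_feed(SNAPSHOT_T2))
    print("add:", sorted(added), "remove:", sorted(removed))
    blocklist = sync(blocklist, SNAPSHOT_T2)
    try:
        sync(blocklist, SNAPSHOT_TRUNCATED)
    except ValueError as exc:
        print("kept previous blocklist:", exc)
```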
Integration and Usage
The created Threat Intelligence feed can be integrated into various security tools and platforms. Maltiverse’s integration catalogue offers compatibility with a wide range of technologies, enabling you to use your custom feed across your cybersecurity ecosystem for threat detection, analysis, and response. The feed is now also available in your Platform Feeds.