New Articles

  1. Chat Integration

    The PassiveTotal Hubot integration brings the power of infrastructure analysis into the chat platform you use to communicate with teammates. This integration works for both Slack and HipChat and allows analysts to quickly answer...
  2. Maltego

    Maltego is a link analysis tool that allows for quick visualization and aggregation of data sets. PassiveTotal puts more than 100 transforms at our users' fingertips, making it easier than ever to harness the full power of our data w...
  3. MISP

    The Malware Information Sharing Platform (MISP) is an open source repository for sharing, storing and correlating Indicators of Compromise of targeted attacks. As with all of our integrations, PassiveTotal brings all of our core da...
  4. MITRE's CRITS

    CRITs is an open source malware and threat repository that leverages other open source software to create a unified tool for analysts and security experts engaged in threat defense. The PassiveTotal CRITs service allows anal...
  5. Splunk (PassiveTotal)

    The PassiveTotal App for Splunk allows organizations to bring context to external threats, analyze attack data, and correlate that information with their internal event data to pinpoint and remediate threats — all in one place. Th...
  6. Tags and Classifications

    In addition to visualization via the heatmap, PassiveTotal also makes use of tags and classifications to bring context to indicators and investigations. Tags: Tags come in many forms from system to user generated and hel...
  7. Open Source Intelligence (OSINT)

    Open source intelligence (OSINT) is reporting, both short and long-form, developed by individuals and companies outlining specific threats, methodologies or actors. Data from the OSINT repository is public and fr...
  8. Malware (Hashes)

    PassiveTotal partners with a number of commercial and open source repositories of malware data in order to pair it with queried infrastructure. This data helps analysts understand actor capabilities, intent and motives of an att...
  9. Cooking with fire: Making your investigations more efficient with tags and classifications

    The ever-expanding attack surface of the enterprise has increased the importance of correlating internal activity with what is happening outside the firewall. The most successful security programs are providing their analysts with real-time context ...
  10. Adding Artifacts and Monitors to Project

    Adding an Artifact to a Project: In order to enable Monitors within a project, a corresponding artifact must first be added to the project for which Monitoring should be configured. This can be done in one of several ways: 1. From the page of the...