Updated Articles

  1. Event API POST Updated

    Overview: Within the API settings of your workspace, you can set up an API Post URL. If this URL is set, then for each event-type with API POST enabled in its configuration settings, a response will be pushed to the Post URL for the workspace a...
  2. Event Search Updated

    This article provides definitions and instructions for searching events within the RiskIQ interface and API, including: Using quick filters; Building queries in the search bar; Saving queries for later use; Sorting and pagination; Sear...
  3. Open Source Intelligence (OSINT)

    Open source intelligence (OSINT) is reporting, both short and long-form, developed by individuals and companies outlining specific threats, methodologies or actors. Data from the OSINT repository is public and fr...
  4. Malware (Hashes)

    PassiveTotal partners with a number of commercial and open source repositories of malware data in order to pair it with queried infrastructure. This data helps analysts understand actor capabilities, intent and motives of an att...
  5. MITRE's CRITS

    CRITs is an open source malware and threat repository that leverages other open source software to create a unified tool for analysts and security experts engaged in threat defense. The PassiveTotal CRITs service allows anal...
  6. Tags and Classifications

    In addition to visualization via the heatmap, PassiveTotal also makes use of tags and classifications to bring context to indicators and investigations. Tags: Tags come in many forms from system to user generated and hel...
  7. MISP

    The Malware Information Sharing Platform (MISP) is an open source repository for sharing, storing and correlating Indicators of Compromise of targeted attacks. As with all of our integrations, PassiveTotal brings all of our core da...
  8. Maltego

    Maltego is a link analysis tool that allows for quick visualization and aggregation of data sets. PassiveTotal puts more than 100 transforms at our users' fingertips, making it easier than ever to harness the full power of our data w...
  9. Chat Integration

    The PassiveTotal Hubot integration brings the power of infrastructure analysis into the chat platform you use to communicate with teammates. This integration works for both Slack and HipChat and allows analysts to quickly answer...
  10. Splunk (PassiveTotal)

    The PassiveTotal App for Splunk allows organizations to bring context to external threats, analyze attack data, and correlate that information with their internal event data to pinpoint and remediate threats — all in one place. Th...