—
Threat Intelligence Platform, LLC has launched as a dynamic new service specifically geared towards the cyber-security industry, offering an easy-to-use tool and APIs to obtain detailed information about hosts and the infrastructure behind them. By gathering data from different providers and utilizing substantial internal databases – compiled for more than 10 years – and also taking advantage of real-time host configuration analysis, the platform yields an in-depth look at a target host, with TIP representatives calling the approach a “building block in a threat detection toolkit.”
“In launching TIP, we are providing two key services to the cyber-security sector: Threat intelligence analysis and threat intelligence API utilization,” says Threat Intelligence Platform’s Jonathan Zhang. “Now, users of our platform can find detailed information about a host and the underlying infrastructure in seconds through our web interface, while integrating our rich data sources into their system and extending it with threat intelligence analysis insights. We even offer a free trial on our site, leaving no reason why anyone concerned with cyber-security shouldn’t consider our service.”
TIP also enables users to analyze a host’s infrastructure while obtaining IP addresses along with their geographical/ASN distribution to compare to the reverse IP lookup results, analyze a domain’s SSL (HTTPS) Certificates while testing SSL connections and configurations, perform content analysis and relations to the other domains/host configuration issues, check if a domain is considered to be dangerous in various malware data feeds, retrieve and output/analyze a domain name’s WHOIS record, check DNS MX records’ configurations and examine the corresponding mail servers and check name servers’ configurations, output details and possible configuration issues.
In using TIP, users can research servers’ infrastructure beyond a domain name, gaining access to a collection of its web, mail and name servers as well as its known subdomains. Additionally, for each infrastructure entry, users can discover its IP address, geolocation and subnetwork information. With the SSL Certificates Chain API feature, users can obtain a domain’s SSL Certificate along with its Certificate chain in a well-parsed JSON format.
What’s more, through TIP’s SSL Configuration Analysis API feature, a host’s SSL connection can be checked and analyzed for common configuration issues potentially leading to vulnerabilities. With a Domain Malware Check API, a domain name can be analyzed for possible malware and if it is considered to be dangerous in different security data sources. A Connected Domains API feature, meanwhile, enables users to discover domain names resolving to the same IP address, while a Domain Reputation Scoring API evaluates a domain’s reputation based on numerous security data sources, as well as on an instant external configuration audit procedure.
This emerging “technology discipline” aids organizations in correlating, aggregating and ultimately analyzing threat data derived from multiple sources – in real time – for the purpose of supporting “defensive actions.” Put simply, this is a highly-competitive sector boasting a myriad of vendors, with Threat Intelligence Platform leading the way through solutions that undercut other threat toolkits and APIs.
Further, with threat intelligence being the hottest trend in cyber-security for the past few years and continuing to represent “dominant avenues” by which cyber-security researchers and threat investigators take on cyber-crimes, the notion of a powerful threat intelligence API has come under the white hot spotlight as of late. A threat intelligence API is defined as a set of APIs that provide programmatic access to “threat intelligence” content including meta data, threat indicators and evidence-based risk scores; into this foray have come researchers and automated threat processes that use the APIs to detect and analyze common threats today including APT, phishing, malware, botnets, DDOS and ransomware.
Threat Intelligence Platform is also leading the charge in this area with comprehensive information on hosts and the infrastructure behind them, connections between different entities (domains/IP addresses/assets), reputation scores for host/IP, enriched threat indicators in SIEM and more
More information about TIP, LLC can be obtained by emailing support@ThreatIntelligencePlatform.com or visiting https://threatintelligenceplatform.com/
Release ID: 359108