One of the benefits of cyber security is its openness to sharing. There is a good sense of community in the industry, with people freely creating and sharing tools. In this blog post, we would like to cover some of the tools that we rely on frequently at SOCRadar.

There are a few internet-wide scanners that allow users to choose from free or paid options. Security vendors and regular users alike frequent Shodan.io for external attack surface management use cases. You can do filtered searching, including by country, port, or technology. It is a good place to spot external-facing IoT devices. A good use case here is, of course, vulnerability management, as Shodan lists any existing vulnerabilities when it detects the version of the technology running behind the service. BinaryEdge is a similar resource that provides in-depth analysis of IP addresses with detailed banners. We should also mention ZoomEye and Censys as other possible tools in this area.

Many SOC analysts rely on crowdsourced intelligence tools such as AlienVault OTX. When you are looking at an IOC, the first thing you look for is whether it has been reported by someone else. There are a number of good places to plug in your IOC and see who else has also reported it, such as VirusTotal, Abuse.ch, and IOC Bucket. In a similar fashion, for IP reputation checks, you can use Cisco's Talos Intelligence or FireHOL IP Lists, among many others.
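An offline IP reputation check against a downloaded blocklist such as the FireHOL IP Lists mentioned above, as an added example that is not code from the original post or from SOCRadar. It assumes the list is a plain-text netset file (`#` comment lines, then one IPv4 address or CIDR per line); the sample list and IOCs are constructed from documentation address ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the style of a netset file (assumed format:
# '#' comment lines, then one IPv4 address or CIDR per line).
# Documentation ranges only; not real blocklist content.
SAMPLE_NETSET = """\
# constructed_sample.netset
# Entries: 3
192.0.2.0/24
198.51.100.17
203.0.113.128/25
"""


def parse_netset(text):
    """Return a list of ip_network objects, skipping comments and bad lines."""
    networks = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop full-line and trailing comments
        if not line:
            continue
        try:
            networks.append(ipaddress.ip_network(line, strict=False))
        except ValueError:
            continue  # tolerate a malformed line instead of failing the whole feed
    return networks


def check_iocs(iocs, networks):
    """Map each IOC string to the matching list entry, None, or 'invalid'."""
    results = {}
    for ioc in iocs:
        try:
            addr = ipaddress.ip_address(ioc.strip())
        except ValueError:
            results[ioc] = "invalid"  # not an IP (e.g. a domain or hash IOC)
            continue
        hit = next((n for n in networks if addr in n), None)
        results[ioc] = str(hit) if hit else None
    return results


if __name__ == "__main__":
    nets = parse_netset(SAMPLE_NETSET)
    iocs = ["192.0.2.44", "198.51.100.18", "203.0.113.200", "not-an-ip"]
    for ioc, verdict in check_iocs(iocs, nets).items():
        print(f"{ioc:15} -> {verdict or 'not listed'}")
```

Returning the matching list entry rather than a bare yes/no tells the analyst whether the hit was on the single address or on a wider range, which matters when deciding how much weight to give it.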