Do you want to get threat intelligence data about malware, an IP or a domain from multiple sources at the same time using a single API request?
IntelOwl is an Open Source Intelligence (OSINT) solution for getting threat intelligence data about a specific file, an IP or a domain from a single API at scale. It integrates a number of analyzers available online and many cutting-edge malware analysis tools. It is for everyone who needs a single point to query for information about a specific file or observable.
Main features:
- Provides enrichment of threat intel for malware as well as observables (IP, domain, URL, hash, etc.).
- Integrates easily into a stack of security tools to automate common jobs that are usually performed manually, for instance, by SOC analysts.
IntelOwl is composed of:
- Analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from internally available tools (like Yara or Oletools)
- Connectors that can be run to export data to external platforms (like MISP or OpenCTI)
- Visualizers that can be run to create custom visualizations of analyzer results
- Playbooks that are meant to make analysis easily repeatable
Integration Developed by Loginsoft for Fraud Preventive Solutions API on IntelOwl:
- Using the IntelOwl custom analyzer developed by Loginsoft, you can enrich observables such as IP addresses, domains, URLs, phone numbers, and more by querying external sources.
- Once the scan of an observable is completed successfully, users can access the results from the chosen analyzer within the analyzer report, as illustrated in the following image.