

We've made a number of improvements to the depth of data in OTX recently, which are now available via the free API tool.

- Find pulses based on the adversary, industry or keywords that interest you (example).
- The HTTP contents of a domain or URL (example), as well as finding all pages that link to it (example).
- Find malware samples that talk to a domain or IP (example).
- Retrieve malware samples by anti-virus detection (example).
- Lists of malicious URLs on domains (example).
- Download all indicators from users that you subscribe to (example).

Most of these API requests will work without authentication. However, it's worth using an API key, as it allows 10,000 requests per hour rather than just 1,000 requests per hour. You can also use the API key to choose to only get data from users you have said you trust. Exceeding 10,000 requests per hour is normally fine so long as you let us know in advance.

The SDK deals with authentication for you, or you can simply add it as a parameter in any requests: curl -H "X-OTX-API-KEY: e989."

What could you build?

This depth of data could be used for countless things, but here are a couple of examples the API could be used for:

Let's say you want to get daily updates on an attacker that has targeted your sector before. With the new API, you will get a daily email on name servers they use, domain registration emails they use, and servers that have fired network alerts for their malware.

Another common task is when you want to know if files that pass your network or mail gateway (either at the MX or Inbox) are malicious. You can easily extract these files, then check them against OTX to see if they are malicious.
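The gateway use case described on this page (hash the files you extract, then look each hash up in OTX with the X-OTX-API-KEY header) can be sketched as follows. This is an added example, not code from the original post or the OTX SDK; the base URL, the indicators/file/<hash>/general path and the pulse_info.count response field are assumptions taken from OTX's public v1 API rather than from this page, and check_files and its fetch parameter are hypothetical names.

```python
import hashlib
import json
import urllib.error
import urllib.request

# Assumption: OTX's public v1 base URL and file-indicator path (not given on the page).
OTX_BASE = "https://otx.alienvault.com/api/v1"


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large attachments are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def otx_get(url, api_key):
    """GET one OTX resource, authenticating with the X-OTX-API-KEY header."""
    req = urllib.request.Request(url, headers={"X-OTX-API-KEY": api_key})
    try:
        with urllib.request.urlopen(req, timeout=15) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        if err.code == 404:  # hash not known to OTX
            return {}
        raise  # auth or rate-limit errors must not be mistaken for "clean"


def check_files(paths, api_key, fetch=otx_get):
    """Map each path to its SHA-256 and the number of OTX pulses referencing it."""
    seen = {}      # digest -> pulse count, so duplicate attachments cost one request
    verdicts = {}
    for path in paths:
        digest = sha256_of(path)
        if digest not in seen:
            data = fetch(f"{OTX_BASE}/indicators/file/{digest}/general", api_key)
            # Assumption: the "general" section carries pulse_info.count.
            seen[digest] = data.get("pulse_info", {}).get("count", 0)
        # Zero pulses means "not reported to OTX", not "known good".
        verdicts[path] = {"sha256": digest, "pulses": seen[digest],
                          "flagged": seen[digest] > 0}
    return verdicts
```

Caching by digest keeps a mail gateway that sees the same attachment many times well inside the hourly request allowance mentioned on this page.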
