Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for SophosLabs Intelix #402

Open
titanicshark opened this issue May 14, 2022 · 0 comments
Open

Support for SophosLabs Intelix #402

titanicshark opened this issue May 14, 2022 · 0 comments
Labels
ti-provider Candidate for config-based TI/Context provider

Comments

@titanicshark
Copy link
Contributor

Is your feature request related to a problem? Please describe.
No

Describe the solution you'd like
It would enhance threat analysis to have an extra TI provider available to call, SophosLabs Intelix. The SophosLabs Intelix API is registered via AWS and you can do file hash lookups, URL hash lookups, IP category lookups, static/dynamic file analysis, static URL analysis etc.

Describe alternatives you've considered
No

Additional context
Tiered model where you are billed based on usage via your AWS account. The features all have free tiers with a throttle on the requests per month.
https://api.labs.sophos.com/doc/index.html
https://aws.amazon.com/marketplace/saas/ordering?productId=6c2abef1-b480-42dd-a783-aabc1e72dd8a&offerId=6ej97jdsffv69deqscd9tz6oa
@ianhelle ianhelle added the ti-provider Candidate for config-based TI/Context provider label Nov 3, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
ti-provider Candidate for config-based TI/Context provider
Projects
MSTICPy post-2.0 planning
Status: No status
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ianhelle @titanicshark