Intel 471's Vulnerability Intelligence provides relevant and timely information about an adversary situation and addresses the gap in current vulnerability offerings that primarily focus on things already being exploited in the wild based on known attacks and open source information.
This leaves out the precursors to such activity that lend to a more proactive approach, such as an increase in interest levels among threat actors; proof-of-concept (PoC) code being developed, traded or sold; and ultimately the weaponization and productization of the code as it's integrated into exploit kits, exploit packs or other tools. This activity often occurs prior to attacks observed in the wild.
The Intel 471 Vulnerability Intelligence Splunk App automatically will ingest Vulnerability Intelligence reporting from the Intel 471 Titan platform and make all data available via Splunk search.
The app also provides a live dashboard that offers a view into Intel 471's Vulnerability Intelligence reporting and analysis. The app provides the ability to view the live summary dashboard, examine individual Vulnerability Reports, filter by a variety of data elements and view historical vulnerability intelligence. All intelligence includes sources and links to contextual information.
The app requires an active Intel 471 Titan application programming interface (API) key to retrieve intelligence information and reporting. Please contact support@intel471.com for more information.
Use latest add-on builder and newer version of Splunk Python sdk to meet Splunk Cloud requirements
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.