EyeOnThreat™

Not Yet Another Threat Aggregator

EyeOnThreat™ provides feed or API access to a relevant part of Cyber Threat Intelligence Information gathered, analyzed and released by:

  • Lutech ThreatOculus™ threat researchers and analysts team
  • Lutech ThreatCure™ breach detection and incident response team
  • Lutech ethical hacking and vulnerability research team
  • Multiple open and private sources

The possibility to access a contextualized and enriched database of threats through a single and reliable channel is a fundamental element in a cyber security strategy. Knowledge of where risks are created and evolve is essential in a process of verification and validation, usally performed by structures facilities like SOCs and CERTs. It's a service for gathering, classifying, enriching and distributing or giving access to various types of intelligence information, collected by multiple and non-homogeneous sources, related to consolidated or emerging cyber threats.

Try Now for Free! API Documentation

Cyber Threat Intelligence Information

EyeOnThreat™, regularly scans thousands of sources, looking for new indicators to be transformed in cyber threat intelligence Data information, useful to identify and prioritize cyber threats. EyeOnThreat™'s capability in manipulating non-homogeneous information allows to collect different typologies of information in a fast, reliable and univocal way.

Threat Actor

Threat Actor is the one who has led or is conducting a computer attack or hacking operation. EyeOnThreat™ provides understanding of the infrastructure used to perform attacks such as: IP, Domain, URL, eMail, sample hash, exploit kit and compromised credit card

Threat Activity

Threat Activity is one recognized as malicious such as: malware distribution, social engineering, network intrusion, unauthorized access, software vulnerability exploit and more

Threat Effect

Threat Effect is a set of identified possible impacts such as: personal information leak, financial information theft, data esfiltration, eMail breach, systems compromise

Entity Extractor

EyeOnThreat™ is able to extract a number of entities used to contextualize and classify cyber threat intelligence information. Each single information is enriched, classified and transformed to provide more details that can be used as an Indicator of Compromise (IoC) and more generally as actionable intelligence. Every collected data is saved in a single location, EyeOnThreat™ Global Threat Repository, and made available through EyeOnThreat™ Services

IP

IP addresses referable to threats and/or malicious actors

Domain

Domains used to host and distribute malware, unreliable domains or involved in other threats

URL

URLs known as phishing sites, websites that hosts Exploit Kits or involved in other threats

E-mail

Emails used for spam, phishing or malware distribution campaigns

Credit Card

Customer stolen credit cards that are sold on blackmarkets, published on forums or discovered in other sources

User Credential

Customer compromised emails or accounts

Exploit Kit

Up-to-date informations about exploit kits

Malware Sample

File recognized as malicious and related to old or new threats

Services

EyeOnThreat™ can offer advantages both in automatic processes of detection/blocking of malicious and unauthorized activities, and manual operations of analysis and investigation of computer incidents and cyber threats. The access to the information present in the Global Threat Database is guaranteed in a rapid and reliable way by a RESTful API system.

Cyber Threat Feed

Feed mode provides access to a dataset of information in CSV format, useful for the classification and prioritization of threats in automated detection and blocking mechanisms

Cyber Threat Hunting

Hunting mode provides the possibility to search for information and indicators present stored in the database. Through this mode it is possible to investigate on a given entity among those stored, looking for clues useful to detect threats.

Try now for free!

Try our hunting service for 15 days for free

Client Library

Go to GitHub repository to download our library to your client