[Bro] Threat Intelligence Management

Liam Randall liam.randall at gmail.com
Thu Jun 25 05:51:58 PDT 2015 

No Critical Stack is entirely custom; we are not building a TIP.  We wanted
to have an easy way to have actionable into stream into bro as it is to
discovered so we built it.  We thought others would want it as well so we
make it freely available to the community.  We are getting ready to launch
a new extension to it called KITTY- Keep Intel Transactions To Yourself
that allow you to privately share and deploy 100's of Millions of
indicators in a fast memory efficient way.  It integrates directly with our
online marketplace- we deployed our first test clients this week.  We'll
announce more shortly @CriticalStack .

For TIPs there are a lot of great solutions you should look at:

Free:
MISP
CRITS

Commercial:
Soltra Edge (has a free version)

ThreatConnect

ThreatStream

ThreatQ (ThreatQuotient)

BrightPoint Security (formerly Vorstack)



V/r,

Liam Randall


On Thu, Jun 25, 2015 at 8:37 AM, Harry Hoffman <hhoffman at ip-solutions.net>
wrote:

> Is critical stack based upon CIF (collective intelligence framework)?
>
> It looks very similar.
>
> Cheers,
> Harry
>
>
> On Jun 25, 2015 7:44 AM, Heine Lysemose <lysemose at gmail.com> wrote:
> >
> > Hi
> >
> > I encourage you to have a look at, https://intel.criticalstack.com/
> >
> > Best,
> > Lysemose
> >
> > On Thu, Jun 25, 2015 at 1:31 PM, Jan Grashofer <jan.grashofer at cern.ch>
> wrote:
> >>
> >> Hi all,
> >>
> >> I am having a look at Threat Intelligence Management solutions, which
> can be used with Bro. What do you use and what are your experiences?
> >>
> >> Regards,
> >> Jan
> >>
> >> _______________________________________________
> >> Bro mailing list
> >> bro at bro-ids.org
> >> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
> >
> >
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150625/13e366d8/attachment-0001.html

More information about the Bro mailing list