AlienVault Open Threat Exchange (OTX) Intro

AlienVault OTX dashboard

AlienVault Open Threat Exchange (OTX) Tour

  • Dashboard: View a graph of malware clusters reported within a timeframe. Clicking a malware cluster shows features of the malware and its associated pulses.
  • Browse: Browse pulses, users, groups, indicators, malware families, industries, and adversaries, with the ability to filter and sort.
  • Scan Endpoints: Shows how to use OTX Endpoint Security, free software that scans endpoints for IoCs in OTX.
  • Create Pulse: Create a new pulse by having OTX extract IoCs from a source that you provide (website, blog post, PDF report, email, PCAP, STIX, OpenIOC, CSV, or text file), or by manually adding IoCs.
  • Submit Sample: Submit a URL or file for analysis. OTX will scan the content at submitted URLs, and will perform static (and possibly dynamic) analysis on submitted files.
  • API Integration: Provides info on using the OTX DirectConnect API to integrate OTX with Bro-IDS, STIX/TAXII, Suricata, and other third-party tools.
  • Search: Search within all of OTX, or narrow search to indicators, malware families, adversaries, etc.
AlienVault OTX pulse

Additional Resources

Chad Warner
