FireEyeiSight

README

FireEyeiSight adds context and priority to global threats before, during and after an attack. Data is gleaned from the adversarial underground, virtual network detection sensors and Mandiant IR investigations from the world’s largest breaches.

The analyzer comes in only one flavor.

Requirements

You need a valid FireEye iSight subscription to use the analyzer.

  • Provide your API key as the value of the key parameter.
  • Provide the associated password as the value of the pwd parameter.

FireEyeiSight

Author: Davide Arcuri and Andrea Garavaglia, LDO-CERT
License: AGPL-V3
Version: 1.0
Supported observable types:
- domain
- ip
- hash
- url
Registration required: True
Subscription required: True
Free subscription: False
Third party service: https://intelligence.fireeye.com/

Description

Query domains, IPs, hashes and URLs on FireEye's iSIGHT threat intelligence service.

Configuration

key: API key for FireEye iSIGHT.
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

pwd: Password associated to the API key.
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

Template samples for TheHive

FireEyeiSight: Long report template