Gatewatcher_CTI#

README

Gatewatcher#

Gatewatcher is a European leader in advanced threat detection, protecting critical networks of large enterprises and government organisations since 2015.

Gatewatcher CTI#

The Gatewatcher CTI (Cyber Threat Intelligence) offer is compatible with all cybersecurity solutions. It immediately enhances your detection with contextual information about internal and external cyber threats specifically targeting your business.

How to obtain credentials?#

If you want to try our freemium offer, you can obtain your API key here: https://info.gatewatcher.com/en/lp-free-ioc-analysis-api-key

How does the analyzer work?#

The Gatewatcher CTI analyzer allows you to get information about hashes, URLs, domains, FQDNs, IPs or emails.

To enable the Gatewatcher_CTI analyzer:

- Navigate to "Organization" -> "Analyzers".
- Refresh analyzers to ensure that you have the latest version.
- Search for "Gatewatcher_CTI".
- Enable it and configure its parameters (LIS API key is required).

Run on hashes/urls/domains/fqdns#

Search for an Indicator of Compromise (IoC: url, host/domain, hash) or vulnerability in the Gatewatcher CTI database.

  • Short report

  • Long report

Run on IPs#

Retrieves metadata, security threat alerts, and a contextualized timeline of events associated with a specific IP address from the Gatewatcher CTI database.

  • Short report

  • Long report

Run on emails#

Get all contextual information (password hash, connection URL...) for a targeted email address from the Gatewatcher CTI database.

  • Short report

  • Long report

Gatewatcher_CTI#

Author: Gatewatcher
License: AGPL-3.0
Version: 2.0
Supported observables types:
- hash
- domain
- fqdn
- url
- ip
- mail
Registration required: True
Subscription required: True
Free subscription: False
Third party service: https://www.gatewatcher.com/

Description#

Get Gatewatcher CTI Report

Configuration#

apiKey: Gatewatcher CTI API key.
- Default value if not configured: N/A
- Type of the configuration item: string
- The configuration item can contain multiple values: False
- Is required: True

extendedReport: Show reports for relations.
- Default value if not configured: True
- Type of the configuration item: boolean
- The configuration item can contain multiple values: False
- Is required: True

maxRelations: Maximum number of relation reports to display if you have enabled the extendedReport option. Set to -1 to show all reports.
- Default value if not configured: 50
- Type of the configuration item: number
- The configuration item can contain multiple values: False
- Is required: False

Templates samples for TheHive#