NERD#
README
Nerd#
Project Nerd aims to build an extensive reputation database of known sources of cyber threats. That is, a list of known malicious IP addresses or other network entities (e.g. ASNs or domain names) together with all security-relevant information about each of them.
The analyzer comes in a single flavour that will return additional information categorization for provided ip.
Requirements#
You need a valid Nerd API integration subscription to use the analyzer.
- Provide your API key as values for the
keyparameter. - Default url of NERD instance is provided for
urlparameter but you could override it.
NERD#
Author: Vaclav Bartos, CESNET
License: AGPL-V3
Version: 1.0
Supported observables types:
- ip
Registration required: True
Subscription required: False
Free subscription: True
Third party service: https://nerd.cesnet.cz/
Description#
Get Reputation score and other basic information from Network Entity Reputation Database (NERD)
Configuration#
| key | API key |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| url | Base URL of the NERD instance |
|---|---|
| Default value if not configured | https://nerd.cesnet.cz/nerd/ |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | False |
Templates samples for TheHive#
