Skip to content

NERD#

README

Nerd#

Project Nerd aims to build an extensive reputation database of known sources of cyber threats. That is, a list of known malicious IP addresses or other network entities (e.g. ASNs or domain names) together with all security-relevant information about each of them.

The analyzer comes in a single flavour that will return additional information categorization for provided ip.

Requirements#

You need a valid Nerd API integration subscription to use the analyzer.

  • Provide your API key as values for the key parameter.
  • Default url of NERD instance is provided for url parameter but you could override it.

NERD#

Author: Vaclav Bartos, CESNET
License: AGPL-V3
Version: 1.0
Supported observables types:
- ip
Registration required: True
Subscription required: False
Free subscription: True
Third party service: https://nerd.cesnet.cz/

Description#

Get Reputation score and other basic information from Network Entity Reputation Database (NERD)

Configuration#

key API key
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
url Base URL of the NERD instance
Default value if not configured https://nerd.cesnet.cz/nerd/
Type of the configuration item string
The configuration item can contain multiple values False
Is required False

Templates samples for TheHive#

NERD long report sample

NERD mini report sample


Last update: November 15, 2021 06:39:12