mirror of https://github.com/MISP/misp-galaxy
{
|
||
"authors": [
|
||
"Various"
|
||
],
|
||
"category": "actor",
|
||
"description": "List of threat intelligence producer from security vendors to CERTs including any producer of intelligence at large.",
|
||
"name": "Producer",
|
||
"source": "MISP Project",
|
||
"type": "producer",
|
||
"uuid": "faab7b69-c850-491a-b36c-ba48c1c03279",
|
||
"values": [
|
||
{
|
||
"description": "Intel 471 provides adversary and malware intelligence for leading security teams. Our adversary intelligence is focused on infiltrating access to closed sources where threat actors collaborate, communicate and plan cyber attacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malicious infrastructure.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security Vendor"
|
||
],
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://intel471.com/"
|
||
],
|
||
"product-type": [
|
||
"intelligence-feed-provider"
|
||
],
|
||
"products": [
|
||
"Malware Intelligence",
|
||
"Vulnerability Intelligence"
|
||
],
|
||
"refs": [
|
||
"https://www.applytosupply.digitalmarketplace.service.gov.uk/g-cloud/services/448869643798857"
|
||
],
|
||
"synonyms": [
|
||
"Intel 471 Inc.",
|
||
"Intel 471"
|
||
]
|
||
},
|
||
"uuid": "306bc923-3200-47e3-ade9-50ffc41f668c",
|
||
"value": "Intel471"
|
||
},
|
||
{
|
||
"description": "Sophos Ltd. is a British-based security software and hardware company. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security Vendor"
|
||
],
|
||
"country": "UK",
|
||
"official-refs": [
|
||
"https://www.sophos.com/"
|
||
],
|
||
"product-type": [
|
||
"antivirus-vendor"
|
||
],
|
||
"products": [
|
||
"Endpoint"
|
||
],
|
||
"refs": [
|
||
"https://www.sophos.com/en-us/legal"
|
||
],
|
||
"synonyms": [
|
||
"Sophos LTD"
|
||
]
|
||
},
|
||
"uuid": "455b9e40-e8dd-443b-87b3-c70bd09b4231",
|
||
"value": "Sophos"
|
||
},
|
||
{
|
||
"description": "Group-IB is a creator of cybersecurity technologies to investigate, prevent and fight digital crime",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security Vendor"
|
||
],
|
||
"official-refs": [
|
||
"https://www.group-ib.com/"
|
||
],
|
||
"product-type": [
|
||
"Threat Intelligence",
|
||
"Attack Surface Management",
|
||
"Fraud Protection",
|
||
"Digital Risk Protection",
|
||
"Managed XDR",
|
||
"Business Email Protection"
|
||
],
|
||
"products": [
|
||
"Unified Risk Platform"
|
||
],
|
||
"refs": [
|
||
"https://www.group-ib.com/about-us/"
|
||
]
|
||
},
|
||
"uuid": "21afba9e-cd2a-45c9-b421-b1f14fd181e9",
|
||
"value": "Group-IB"
|
||
},
|
||
{
|
||
"description": "Mandiant is an American cybersecurity firm and a subsidiary of Google.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Information security"
|
||
],
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://www.mandiant.com/"
|
||
],
|
||
"product-type": [
|
||
"Proactive Exposure Management",
|
||
"Government",
|
||
"Digital Risk Protection",
|
||
" Ransomware Protection"
|
||
],
|
||
"products": [
|
||
"OpenIOC"
|
||
],
|
||
"refs": [
|
||
"https://en.wikipedia.org/wiki/Mandiant"
|
||
]
|
||
},
|
||
"uuid": "da5cdcd1-7b15-4371-b7eb-ca32916d2052",
|
||
"value": "Mandiant"
|
||
},
|
||
{
|
||
"description": "Thread intelligence provider focusing on data leaks",
|
||
"meta": {
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://spycloud.com"
|
||
],
|
||
"product-type": [
|
||
"Post-Infection Remediation",
|
||
"Ransomware Prevention",
|
||
"Automated ATO Prevention",
|
||
"Session Hijacking Prevention",
|
||
"Threat Actor Attribution",
|
||
"Fraud Prevention"
|
||
]
|
||
},
|
||
"uuid": "ad99da77-986b-45bc-a7b0-c1887dd55b59",
|
||
"value": "Spycloud"
|
||
},
|
||
{
|
||
"description": "DomainTools is a leading provider of Whois and other DNS profile data for threat intelligence enrichment.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Threat Intelligence"
|
||
],
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://www.domaintools.com/"
|
||
],
|
||
"products": [
|
||
"Iris Intelligence Platform",
|
||
"Farsight DNSDB",
|
||
"Threat Intelligence Feeds"
|
||
],
|
||
"refs": [
|
||
"https://icannwiki.org/DomainTools"
|
||
]
|
||
},
|
||
"uuid": "993c6a36-b625-4a1f-8737-72ba5a197744",
|
||
"value": "Domaintools"
|
||
},
|
||
{
|
||
"description": "Feedly is an AI-powered news aggregator application for various web browsers and mobile devices running iOS and Android. It is also available as a cloud-based service.",
|
||
"meta": {
|
||
"official-refs": [
|
||
"https://feedly.com/homepage"
|
||
],
|
||
"product-type": [
|
||
"Threat Intelligence"
|
||
],
|
||
"refs": [
|
||
"https://en.wikipedia.org/wiki/Feedly"
|
||
]
|
||
},
|
||
"uuid": "4e7c737a-4912-488a-8571-1f9226ebad05",
|
||
"value": "Feedly"
|
||
},
|
||
{
|
||
"description": "Database of public networks, IP addresses and domain names owned by companies and organisations worldwide.",
|
||
"meta": {
|
||
"official-refs": [
|
||
"https://networksdb.io/"
|
||
],
|
||
"refs": [
|
||
"https://twitter.com/networksdbio"
|
||
]
|
||
},
|
||
"uuid": "17fec4c4-3822-4198-9735-cee04aa51305",
|
||
"value": "Networksdb.io"
|
||
},
|
||
{
|
||
"description": "Compagny providing comprehensive dataset of internet intelligence",
|
||
"meta": {
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://censys.com/",
|
||
"https://censys.io/"
|
||
],
|
||
"products": [
|
||
"Censys Search",
|
||
"Exposure Management",
|
||
"The Censys Internet Map",
|
||
"Integrations"
|
||
]
|
||
},
|
||
"uuid": "101ca178-12c8-4488-b234-93f263e30b1a",
|
||
"value": "Censys"
|
||
},
|
||
{
|
||
"description": "DomainIQ is an internet research tool providing information about a domain name, its owner, the server it's hosted on, its ownership history, similar domains and more.",
|
||
"meta": {
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://www.domainiq.com"
|
||
]
|
||
},
|
||
"uuid": "3f79697b-63d8-4c86-aabf-84df1f03c43d",
|
||
"value": "DomainIQ"
|
||
},
|
||
{
|
||
"description": "Computer and Network Security",
|
||
"meta": {
|
||
"company-type": [
|
||
"Computer and Network Security"
|
||
],
|
||
"country": "FI",
|
||
"official-refs": [
|
||
"https://www.arcticsecurity.com/"
|
||
],
|
||
"synonyms": [
|
||
"Arctic Security"
|
||
]
|
||
},
|
||
"uuid": "542f8890-128b-42ca-97f9-8fe2af7ab783",
|
||
"value": "Arctic"
|
||
},
|
||
{
|
||
"description": "BitSight is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions.",
|
||
"meta": {
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://www.bitsight.com"
|
||
]
|
||
},
|
||
"uuid": "1e98d9ac-0ef1-4046-bf9f-7c905a56ba90",
|
||
"value": "Bitsight"
|
||
},
|
||
{
|
||
"description": "RiskIQ, Inc. is a cyber security company that was based in San Francisco, California. It provided cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats. RiskIQ was acquired by Microsoft in July 2021.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security company"
|
||
],
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://community.riskiq.com/"
|
||
],
|
||
"product-type": [
|
||
"Threat detection"
|
||
],
|
||
"refs": [
|
||
"https://en.wikipedia.org/wiki/RiskIQ"
|
||
]
|
||
},
|
||
"uuid": "9f279581-5514-42cd-8011-05af9787ee37",
|
||
"value": "RiskIQ"
|
||
},
|
||
{
|
||
"description": "Sweepatic is a cybersecurity company",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security vendor"
|
||
],
|
||
"country": "BE",
|
||
"official-refs": [
|
||
"https://www.sweepatic.com"
|
||
],
|
||
"product-type": [
|
||
"EASM platform"
|
||
]
|
||
},
|
||
"uuid": "c9bd796a-8b73-42ab-8abe-0016292f5528",
|
||
"value": "Sweepatic"
|
||
},
|
||
{
|
||
"description": "Team Cymru is an internet security firm that offers research services making the internet a more secure place.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security vendor"
|
||
],
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://www.team-cymru.com/"
|
||
],
|
||
"product-type": [
|
||
"Threat Intelligence Solutions",
|
||
"Attack Surface Management Solution",
|
||
"Threat Feeds"
|
||
],
|
||
"products": [
|
||
"Pure Signal™ Recon",
|
||
"Pure Signal™ Scout",
|
||
"Pure Signal™ Orbit",
|
||
"IP Reputation Feed",
|
||
"Controller Feed",
|
||
"Botnet Analysis & Reporting"
|
||
]
|
||
},
|
||
"uuid": "8a22c0b2-d05f-4142-ab74-ffdf38fe4758",
|
||
"value": "Team Cymru"
|
||
},
|
||
{
|
||
"description": "G Data CyberDefense AG (until September 2019 G Data Software AG) is a German software company that focuses on computer security.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Computer software"
|
||
],
|
||
"country": "DE",
|
||
"official-refs": [
|
||
"https://www.gdata-software.com",
|
||
"https://www.gdatasoftware.co.uk"
|
||
],
|
||
"product-type": [
|
||
"Antivirus software",
|
||
"Mobile Device Management"
|
||
],
|
||
"products": [
|
||
"AntiVirus",
|
||
"InternetSecurity",
|
||
"TotalSecurity",
|
||
"AntiVirus for Mac",
|
||
"AntiVirus Business",
|
||
"AntiVirus Enterprise",
|
||
"ClientSecurity Business",
|
||
"ClientSecurity Enterprise",
|
||
"EndpointProtection Business",
|
||
"EndpointProtection Enterprise",
|
||
"MailSecurity",
|
||
"PatchManagement",
|
||
"Mobile Security",
|
||
"VPN"
|
||
],
|
||
"refs": [
|
||
"https://en.wikipedia.org/wiki/G_Data_CyberDefense"
|
||
],
|
||
"synonyms": [
|
||
"GDATA",
|
||
"G Data CyberDefense AG",
|
||
"G Data Software AG"
|
||
]
|
||
},
|
||
"uuid": "2b69f676-c875-4000-8350-5f162e69d908",
|
||
"value": "G DATA"
|
||
},
|
||
{
|
||
"description": "Sekoia.io is a European cybersecurity SAAS company, whose mission is to develop the best protection capabilities against cyber attacks.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber Security Vendor"
|
||
],
|
||
"country": "FR",
|
||
"official-refs": [
|
||
"https://www.sekoia.io"
|
||
],
|
||
"product-type": [
|
||
"eXtended Detection and Response SaaS platform"
|
||
],
|
||
"products": [
|
||
"SIEM RELOADED | Sekoia Defend",
|
||
"CTI RELOADED"
|
||
]
|
||
},
|
||
"uuid": "6c9ef130-7cf6-4eeb-9e65-46228fc5e30c",
|
||
"value": "Sekoia"
|
||
},
|
||
{
|
||
"description": "Excellium Services Group is a cyber-security consulting and technology Integration Company established since 2012 in Luxemburg and Belgium, with activities and in France and Africa.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Cyber-security consulting and technology Integration Company",
|
||
"CSIRT"
|
||
],
|
||
"country": "LU",
|
||
"official-refs": [
|
||
"https://excellium-services.com"
|
||
],
|
||
"product-type": [
|
||
"CERT-XLM",
|
||
"SOC",
|
||
"GDPR Services",
|
||
"Information Security Governance",
|
||
"Intrusion Tests – Red Team (Application Security Team)",
|
||
"Network & Security Infrastructure",
|
||
"Training"
|
||
],
|
||
"products": [
|
||
"EyeGuard",
|
||
"EyeTools",
|
||
"EyeDeep",
|
||
"EyeTLD",
|
||
"EyeNotify"
|
||
]
|
||
},
|
||
"uuid": "73ae2776-3700-4120-84ae-7e9785e6071b",
|
||
"value": "Excellium"
|
||
},
|
||
{
|
||
"description": "Telindus is a brand of Proximus Luxembourg SA. Founded in 1979, Telindus Luxembourg accompanies all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored support services. Our areas of expertise include Telecommunication Services, ICT Infrastructure, Multi-Cloud, Digital Trust Solutions, Cybersecurity, Business Applications, Managed Services and Training.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Service Provider"
|
||
],
|
||
"country": "LU",
|
||
"official-refs": [
|
||
"https://www.telindus.lu/en"
|
||
],
|
||
"product-type": [
|
||
"Ethical Hacking",
|
||
"Infrastructure Security",
|
||
"Managed Security Services",
|
||
"Protection, Detection and Orchestration",
|
||
"Security Operations Center",
|
||
"Strategy, risk, management and advice",
|
||
"ICT solutions",
|
||
"Telecoms",
|
||
"Cloud"
|
||
]
|
||
},
|
||
"uuid": "4155eec3-fae2-4e80-a9a6-89b0f976851a",
|
||
"value": "Telindus"
|
||
},
|
||
{
|
||
"description": "Bleeping Computer is a website covering technology news and offering free computer help via its forums that was created by Lawrence Abrams in 2004. It publishes news focusing heavily on cybersecurity, but also covers other topics including computer software, computer hardware, operating system and general technology.",
|
||
"meta": {
|
||
"company-type": [
|
||
"Technology news and computer help"
|
||
],
|
||
"country": "US",
|
||
"official-refs": [
|
||
"https://www.bleepingcomputer.com/"
|
||
],
|
||
"product-type": [
|
||
"Security and Technology Blog Posts"
|
||
],
|
||
"refs": [
|
||
"https://en.wikipedia.org/wiki/Bleeping_Computer"
|
||
]
|
||
},
|
||
"uuid": "ec3fb9b0-4f24-4099-ad48-3e8f68e88275",
|
||
"value": "BleepingComputer"
|
||
},
|
||
{
|
||
"description": "",
|
||
"meta": {
|
||
"country": "US",
|
||
"refs": [
|
||
"https://talosintelligence.com/",
|
||
"https://blog.talosintelligence.com/"
|
||
],
|
||
"synonyms": [
|
||
"Cisco Talos"
|
||
]
|
||
},
|
||
"uuid": "0adf6f0f-3795-4de1-9763-1bdd1c31a5d7",
|
||
"value": "Cisco Talos Intelligence Group"
|
||
},
|
||
{
|
||
"description": "Headquartered in The Hague, the Netherlands, Europol’s mission is to support its Member States in preventing and combating all forms of serious international and organised crime, cybercrime and terrorism. Europol also works with many non-EU partner states and international organisations.",
|
||
"meta": {
|
||
"country": "NL",
|
||
"official-refs": [
|
||
"https://www.europol.europa.eu/"
|
||
]
|
||
},
|
||
"uuid": "f6eae887-7ee4-4999-a909-5eef291c40cc",
|
||
"value": "Europol"
|
||
}
|
||
],
|
||
"version": 7
|
||
}
|