Automate your Threat Intelligence Report Processing

Are you tired of spending countless hours poring over threat intelligence reports? Do you wish there was a way to easily extract critical information without manually combing through endless pages of data? The RST Report Hub is here to change the game, with powerful automation tools that make processing these reports a breeze.

Key Benefits

Save time and increase efficiency by automating the processing of dozens of threat intelligence reports

Access historical threat intelligence reports, even if they have been removed or become unavailable elsewhere

Improve your threat detection and response capabilities with the critical data provided in the latest TI reports

4000+ TI Reports/Year

PDF+JSON: Original reports and extracted metadata

TTPs/IOCs: Threat data and more

What makes us different

Massive collection of threat intelligence reports organized as a library

Our advanced parsing highlights key threat intel elements and standardizes them in JSON and STIX formats

A single, centralized location for accessing threat intelligence reports. No more time wasted searching for TI reports across many sources

Rich metadata: TTPs, IOCs, attributed malware and APT groups, frameworks and software used by adversaries, vulnerabilities, and so on

A brief summary of the key points for each TI report, which significantly reduces the costs of threat intelligence report processing

Usage Examples

Threat intelligence specialists use the centralized library of TI reports, making it easy to access the latest threat intelligence and provide insights to other teams

SOC analysts can get valuable insights into the latest threats and vulnerabilities, enabling them to quickly identify and respond to potential security incidents

Threat hunters can quickly access critical threat intelligence information to support their investigations and validate their hypotheses

The TI report library can provide valuable insights to help incident response teams identify and contain the threat

Risk management officers use the data to define the current threat landscape and identify potential risks to their organization

RST Report Hub

Report Metadata

{
  "id": "20230501_tiprovider_123456_report_0x789abcde",
  "date": "20230501",
  "url": "https://tiprovide.example.com/en/12345",
  "title": "Crypto-Mining Malware Discovered on Linux SSH Servers",
  "img": "https://anon.example.com/wp-content/uploads/2023/04/04_hacked_04.png",
  "cves": [
    "CVE-2022-47966",
    "CVE-2022-26134"
  ],
  "threats": [
    "kono_dio_da_campaign",
    "xmrig_miner",
    "shellbot",
    "chinaz",
    "kinsing_miner",
    "log4shell_vuln"
  ],
  "ttps": [
    "ta0009",
    "ta0002"
  ],
  "industry": [
    "healthcare",
    "aerospace",
    "education",
    "energy",
    "financial",
    "government",
    "telco"
  ],
  "geo": [
    "china",
    "taiwanese",
    "chinese",
    "iranian",
    "iran"
  ],
  "softs": [
    "microsoft defender for endpoint",
    "microsoft defender",
    "microsoft 365 defender",
    "microsoft teams",
    "azure active directory",
    "confluence",
    "active directory",
    "active directory federation services",
    "windows hello",
    "windows firewall"
  ],
  "program_languages": [
    "perl",
    "javascript"
  ],
  "detects": {
    "yara": true,
    "sigma": false
  },
  "iocs": {
    "ip": [
      "12.34.56.78",
      "98.76.54.32:80"
    ],
    "domain": [
      "mining.example.net:1444"
    ],
    "url": [
      "http://12.34.56.78/.bo/am"
    ],
    "hash": [
      {
        "md5": "abcd1234efgh5678ijklmnopqrstuvwx"
      }
    ]
  },
  "summary": "The short summary of the report - 2-3 mins to read",
  "facts": "An ultra short abstract - 1 min to read",
  "idea": "The main idea of the report",
  "meta": {
    "created": "auto",
    "verified": false,
    "translate": "auto"
  }
}