RST Report Hub logo main blue

Automate your Threat Intelligence Report Processing

Are you tired of spending countless hours reading hundreds of threat intelligence reports? Do you wish there was a way to easily extract critical information without manual analysis of endless pages?

RST Report Hub is here to change the game, with powerful automation that make processing of these reports a breeze.

RST Report Hub transforms texts of threat reports into STIX 2.1 automatically

Key Benefits

activity 1 (3)

Save time and increase efficiency by automating processing of dozens of threat intelligence reports

activity 1 (1)

Access historical threat intelligence reports, even if they have been removed or become unavailable elsewhere

activity 1 (2)

Improve your threat detection and response capabilities with the critical data provided in the latest TI reports

4000+

TI Reports/Year

STIX 2.1, PDF, JSON

Original reports and extracted metadata

TTPs/IOCs

Threat actors, campaigns, malware, CVE, TTP, Geo, industries, indicators, and more

What makes us different

Massive collection of threat intelligence reports organised as a library

Our advanced parsing highlights key threat intel elements and standardises them in JSON and STIX formats

A single, centralised location for accessing threat intelligence reports. No more time wasted searching for TI reports across many sources

Rich metadata: TTPs, IOCs, attributed malware and APT groups, frameworks and software used by adversaries, vulnerabilities and so on

A brief summary of the key points for each TI report, which significantly reduces the time to grasp the main idea

Usage Examples

Message_alt_fill

Threat intelligence specialists use the centralised library of TI reports, making it easy to access the latest threat intelligence and provide insights to other teams

world_fill

SOC analysts can get valuable insights into the latest threats and vulnerabilities, enabling them to quickly identify and respond to potential security incidents

Info_fill

Threat hunters can quickly access critical threat intelligence information to support their investigations and validate their hypotheses

Credit card_fill

The TI report library can provide valuable insights to help incident response teams identify and contain the threat

Pipe_fill

Risk management officers use the data to define current threat landscape and identify potential risks to their organization

RST Report Hub

JSON

  {
  "id": "20230501_tiprovider_123456_report_0x789abcde",
  "date": "20230501",
  "url": "https://tiprovide.example.com/en/12345",
  "title": "Crypto-Mining Malware Discovered on Linux SSH Servers",
  "img": "https://anon.example.com/wp-content/uploads/2023/04/04_hacked_04.png",
  "cves": [
    "CVE-2022-47966",
    "CVE-2022-26134"
  ],
  "threats": [
    "kono_dio_da_campaign",
    "xmrig_miner",
    "shellbot",
    "chinaz",
    "kinsing_miner",
    "log4shell_vuln"
  ],
  "ttps": [
    "ta0009",
    "ta0002"
  ],
  "industry": [
    "healthcare",
    "aerospace",
    "education",
    "energy",
    "financial",
    "government",
    "telco"
  ],
  "geo": [
    "china",
    "taiwanese",
    "chinese",
    "iranian",
    "iran"
  ],
  "softs": [
    "microsoft defender for endpoint",
    "microsoft defender",
    "microsoft 365 defender",
    "microsoft teams",
    "azure active directory",
    "confluence",
    "active directory",
    "active directory federation services",
    "windows hello",
    "windows firewall"
  ],
  "program_languages": [
    "perl",
    "javascript"
  ],
  "detects": {
    "yara": true,
    "sigma": false
  },
  "iocs": {
    "ip": [
      "12.34.56.78",
      "98.76.54.32:80"
    ],
    "domain": [
      "mining.example.net:1444"
    ],
    "url": [
      "http://12.34.56.78/.bo/am"
    ],
    "hash": [
      {
        "md5": "abcd1234efgh5678ijklmnopqrstuvwx"
      }
    ]
  },
  "summary": "The short summary of the report - 2-3 mins to read",
  "facts": "An ultra short abstract - 1 min to read",
  "idea": "The main idea of the report",
  "meta": {
      "created": "auto",
      "verified": false,
      "translate": "auto"
  }
}
STIX 2.1