RST Report Hub logo main blue

Automate your Threat Intelligence Report Processing

Are you tired of spending countless hours reading hundreds of threat intelligence reports? Do you wish there was a way to easily extract critical information without manual analysis of endless pages?

RST Report Hub is here to change the game, with powerful automation that make processing of these reports a breeze.

RST Report Hub transforms texts of threat reports into STIX 2.1 automatically

Key Benefits

activity 1 (3)

Save time and increase efficiency by automating processing of dozens of threat intelligence reports

activity 1 (1)

Access historical threat intelligence reports, even if they have been removed or become unavailable elsewhere

activity 1 (2)

Improve your threat detection and response capabilities with the critical data provided in the latest TI reports


TI Reports/Year


Original reports and extracted metadata


Threat actors, campaigns, malware, CVE, TTP, Geo, industries, indicators, and more

What makes us different

Massive collection of threat intelligence reports organised as a library

Our advanced parsing highlights key threat intel elements and standardises them in JSON and STIX formats

A single, centralised location for accessing threat intelligence reports. No more time wasted searching for TI reports across many sources

Rich metadata: TTPs, IOCs, attributed malware and APT groups, frameworks and software used by adversaries, vulnerabilities and so on

A brief summary of the key points for each TI report, which significantly reduces the time to grasp the main idea

Usage Examples


Threat intelligence specialists use the centralised library of TI reports, making it easy to access the latest threat intelligence and provide insights to other teams


SOC analysts can get valuable insights into the latest threats and vulnerabilities, enabling them to quickly identify and respond to potential security incidents


Threat hunters can quickly access critical threat intelligence information to support their investigations and validate their hypotheses

Credit card_fill

The TI report library can provide valuable insights to help incident response teams identify and contain the threat


Risk management officers use the data to define current threat landscape and identify potential risks to their organization

RST Report Hub


  "id": "20230501_tiprovider_123456_report_0x789abcde",
  "date": "20230501",
  "url": "",
  "title": "Crypto-Mining Malware Discovered on Linux SSH Servers",
  "img": "",
  "cves": [
  "threats": [
  "ttps": [
  "industry": [
  "geo": [
  "softs": [
    "microsoft defender for endpoint",
    "microsoft defender",
    "microsoft 365 defender",
    "microsoft teams",
    "azure active directory",
    "active directory",
    "active directory federation services",
    "windows hello",
    "windows firewall"
  "program_languages": [
  "detects": {
    "yara": true,
    "sigma": false
  "iocs": {
    "ip": [
    "domain": [
    "url": [
    "hash": [
        "md5": "abcd1234efgh5678ijklmnopqrstuvwx"
  "summary": "The short summary of the report - 2-3 mins to read",
  "facts": "An ultra short abstract - 1 min to read",
  "idea": "The main idea of the report",
  "meta": {
      "created": "auto",
      "verified": false,
      "translate": "auto"
STIX 2.1