RST Report Hub

Automate your Threat Intelligence Report Processing

Are you tired of spending countless hours poring over threat intelligence reports? Do you wish there was a way to easily extract critical information without manually combing through endless pages of data? The RST Report Hub is here to change the game, with powerful automation tools that make processing these reports a breeze.

Group 33012

Key Benefits

activity 1 (3)

Save time and increase efficiency by automating processing of dozens of threat intelligence reports

activity 1 (1)

Access historical threat intelligence reports, even if they have been removed or become unavailable elsewhere

activity 1 (2)

Improve your threat detection and response capabilities with the critical data provided in the latest TI reports

4000+

TI Reports/Year

PDF+JSON

Original reports and extracted metadata

TTPs/IOCs

Threat data and more

What makes us different

Massive collection of threat intelligence reports organized as a library

Our advanced parsing highlights key threat intel elements and standardizes them in a JSON format

A single, centralized location for accessing threat intelligence reports. No more time wasted searching for TI reports across many sources

Rich metadata: TTPs, IOCs, attributed malware and APT groups, framework and software used by adversaries, vulnerabilities and so on

A brief summary of the key points for each TI report, which significantly reduces the costs of threat intelligence report processing

Usage Examples

Message_alt_fill

Threat intelligence specialists use the centralized library of TI reports, making it easy to access the latest threat intelligence and provide insights to other teams

world_fill

SOC analysts can get valuable insights into the latest threats and vulnerabilities, enabling them to quickly identify and respond to potential security incidents

Info_fill

Threat hunters can quickly access critical threat intelligence information to support their investigations and validate their hypotheses

Credit card_fill

The TI report library can provide valuable insights to help incident response teams identify and contain the threat

Pipe_fill

Risk management officers use the data to define current threat landscape and identify potential risks to their organization

RST Report Hub

Report Metadata
Report Metadata 

  {
  "id": "20230501_tiprovider_123456_report_0x789abcde",
  "date": "20230501",
  "url": "https://tiprovide.example.com/en/12345",
  "title": "Crypto-Mining Malware Discovered on Linux SSH Servers",
  "img": "https://anon.example.com/wp-content/uploads/2023/04/04_hacked_04.png",
  "threats": [
    "kono_dio_da_campaign",
    "xmrig_miner",
    "shellbot",
    "chinaz",
    "kinsing_miner",
    "log4shell_vuln"
  ],
  "ttps": [
    "ta0009",
    "ta0002"
  ],
  "detects": {
    "yara": false,
    "sigma": false
  },
  "iocs": {
    "ip": [
      "12.34.56.78",
      "98.76.54.32:80"
    ],
    "domain": [
      "mining.example.net:1444"
    ],
    "url": [
      "http://12.34.56.78/.bo/am"
    ],
    "hash": [
      {
        "md5": "abcd1234efgh5678ijklmnopqrstuvwx"
      }
    ]
  },
  "descr": {
    "data": {
      "summary": {
        "eng": "eng_summary",
        "ru": "ru_summary"
      },
      "idea": {
        "eng": "eng_idea",
        "ru": "ru_idea"
      },
      "facts": {
        "eng": "eng_facts",
        "ru": "ru_facts"
      }
    },
    "meta": {
      "created": "auto",
      "verified": false,
      "translate": "auto"
    }
  }
}

Go to API Docs