[Graylog (SIEM) Lookup Table + Threat Hunting] Free IoC database with more than 59 Million records to detect latest cyber threats

Now, we are using the Graylog Platform as our SIEM (Security Information and Event Management) system.
We want to contribute our great IoC database to the community. Hopefully we can build a strong security community from the Graylog platform.
Our IoC database is set up as a local database with a lookup table (MongoDB type), which helps with quick search and update.
In addition, we support an agent to update the IoC database in real time, 24/7.
Join us in contributing to the SOC Community based on the Graylog Platform.
Github Link: GitHub - SOC-Community/ioc-database: https://ioc.ghtk.vn/

Good to know - I am more curious to know what components are involved in your SIEM apart from Graylog.

It looks like we need to provide an official email to get this API; that won't work for some people who want to test.

There are some providers offering this for free, without asking for an official email. How is this different compared to them?


Now, we are sharing the IoC database with 3 options:

  1. API key, with support for clients sending HTTP requests => accepts anonymous accounts, unlimited total requests
  2. A Graylog plugin like this threatintel one: GitHub - Graylog2/graylog-plugin-threatintel: Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases => we are deploying the plugin (coming soon)
  3. Share our full database (local lookup table) => only with official email registration and acceptance as a partner (absolutely free)
