As part of the subscription, you receive indicators of threat, indicator enrichment data, safeattack samples, knowledge articles, vulnerabilities, advisories, playbooks and threat models.
You get a platform that can help you to create and enhance intel, create and maintain playbooks, threat models, sample workflows and knowledge. Perform adversory investigations. Share this data with other security products and analysts.
You get an ever increasing set of tools to operationalize intel. Rich API interface, plugins for SIEM, a platform for hunting for IOCs in the endpoints, cloud and workload discovery etc
You get the trainings and research from SpellSecurity Labs. Helping your analysts improve their skill set is an important goal for us. We also provide custom security services which can act as an extension to your InfoSec team.
100s of knowledge feeds, Indicators - File, IP, Domains, Urls, Email addresses, Phishing emails, Signatures, malicious certificates, Threats, Threat Campaigns, Threat Actors, Victims, vulnerabilities, playbooks, threat models, ISP whitelists, advanced in the wild samples, safe samples and simulations, TTPs and workflows
Create custom feeds and intel, enrich intel traces - geo, passive dns, whois, malware mapping, passive ssl, scrape iocs from documents and online resources, create sample repositotories, create playbooks and threat models, vulnerability risk profiles, attack workflows
Investigate IOCs - Search internal data as well as scores of external sources, find related iocs and further extend the search, perform threat attribution and infrastructure discovery, collaborate and comment on any item on a timeline, share threat models, IOCs, playbooks and samples.
Filter and combine feeds and whitelists to create custom blocklist and signatures, Rich API interface to integrate with other security products, advanced safe samples and TTP simulation for red team simulation, endpoint hunting platform, log analysis tools and SIEM plugins