bug fix
The Andariel project was created to provide timely information about cybercrimes and their consequences, and to prevent such incidents.
The Andariel Add-on includes 3-in-1 access to the Andariel project information. It automatically adds information about vulnerabilities from the Andariel platform to your database, which you can then analyze through Splunk search. To use the add-on, an Andariel platform API key is required. If you have any questions, you can contact vitali@advintel.tech.
3 available data sampling options:
«Darkapi» - this API is designed to efficiently and conveniently preview and demonstrate selected information on threat-related content and breach activity presented on the selected top-tier underground sites. It previews information from a selected, customized base of top-tier sources. These sources were chosen for their highest level of threat credibility within the cybercrime hierarchy. As the central nodes of the cybercrime network worldwide, these several communities accumulate the most dangerous and prolific cybercrime offers and discussions and host the most credited cybercrime auctions.
«Botapi» - this API is designed to conveniently preview and demonstrate information and indicators of compromise (IOCs) regarding workstations, machines, and networks that were infected or unlawfully accessed by threat actors.
«Iocapi» - this API is designed for quick and convenient access to AdvIntel’s Andariel Platform indicator searches across the Advanced Intelligence IOC dataset. This section includes AdvIntel’s technical reporting on the most urgent emerging malware threats and botnet collections, including the analysis created by our reverse engineering operations.