Latest Version 1.0.4
January 22, 2025
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
RST Threat Feed App for Splunk
This app provides integration of Splunk with RST Threat Feed. It is shipped with health reports and dashboards and also includes sample detection rules. This threat intelligence feed covers multiple categories of indicators including Phishing, Web Attacks, C2 Servers, Botnet, Malware, TOR nodes, Scanning Hosts, Bad Bots, DDoS, Cryptomining, Spamming Hosts, Fraud and other types.
Built by Yury Sergeev
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
CIM Version: 6.x, 5.x
Rating
0
(0)
Log in to rate this app
Support
Developer Supported app
Ranking
#46
in Threat Intel
This app provides integration of Splunk with RST Threat Feed. It is shipped with health reports and dashboards and also includes sample detection rules. This threat intelligence feed covers multiple categories of indicators including Phishing, Web Attacks, C2 Servers, Botnet, Malware, TOR nodes, Scanning Hosts, Bad Bots, DDoS, Cryptomining, Spamming Hosts, Fraud and other types.
It includes the following types of indicators: IP, Domain, URL, md5, sha1, sha256
Each indicator has an individual score calculated based on its actuality and risk: what type of the indicators it is, who is the reporter of the indicators, how many others are already aware of that indicator, was that indicator exposed previously and many other contributing factors.
A trial key can be obtained from https://www.rstcloud.com/#free-trial
Categories
Created By
Yury Sergeev
Type
app
Downloads
635
Licensing
Splunk Answers
Resources
Log in to report this app listing