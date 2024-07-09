DUBAI, UNITED ARAB EMIRATES, July 9, 2024 /EINPresswire.com/ -- ANY.RUN, a trusted provider of cybersecurity solutions, has made a significant upgrade to its Threat Intelligence Lookup platform by incorporating Suricata search capabilities. This new feature aims to help users identify more network threats with greater precision.

𝐀𝐍𝐘.𝐑𝐔𝐍'𝐬 𝐓𝐡𝐫𝐞𝐚𝐭 𝐈𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐜𝐞 𝐋𝐨𝐨𝐤𝐮𝐩

ANY.RUN's Threat Intelligence Lookup provides access to a comprehensive repository of threat data extracted from public analysis sessions in the ANY.RUN sandbox. This tool enables users to search against its database using individual or combined indicators of compromise (IOCs) to find emerging and active malware, as well as other cyber threats.

𝐒𝐮𝐫𝐢𝐜𝐚𝐭𝐚 𝐒𝐞𝐚𝐫𝐜𝐡

With the introduction of the Suricata Search feature, TI Lookup now lets users hunt for active network security threats using Suricata rule details.

𝐇𝐨𝐰 𝐒𝐮𝐫𝐢𝐜𝐚𝐭𝐚 𝐒𝐞𝐚𝐫𝐜𝐡 𝐖𝐨𝐫𝐤𝐬

Users can create a specific query that includes the rule's class, message, ID, and even threat level (e.g., SuricataThreatLevel:"malicious" and SuricataMessage:"External IP"). Suricata parameters can be combined with other indicators, such as domains, to refine the search.

Once the search query is executed, the service will display all threats that match the query. Each result will contain additional information about the threat, including associated tags (e.g., denoting the APT or malware family) and MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) used by the threat.

To further investigate each threat, users can navigate to the ANY.RUN sandbox for a more detailed analysis.

Learn more about Suricata Search and TI Lookup on ANY.RUN’s blog.

𝐀𝐛𝐨𝐮𝐭 𝐀𝐍𝐘.𝐑𝐔𝐍

With a suite of cybersecurity products that includes an interactive sandbox and a Threat Intelligence portal, ANY.RUN supports 400,000 professionals worldwide. The sandbox offers a streamlined method for analyzing malware and phishing targeting both Windows and Linux systems. ANY.RUN's Threat Intelligence services: Lookup, Feeds, and YARA Search, enable users to quickly collect and enrich their data on currently active threats.