Cyber threat intelligence firm iSIGHT Partners has released a new Software Development Kit (SDK) and Browser Plugin in an effort to expand its threat intelligence integration capabilities.
Dubbed the ThreatScape Software Development Kit, the new software aims to maximize developers’ time & efficiency by automating common API tasks and reduce the amount of code required to integrate the company’s intelligence into new and existing applications, including other vendor’s products and customer’s internal tools.
Additionally, with the release of the ThreatScape Browser Plugin, researchers using Google’s Chrome Web browser can connect indicators of compromise (IOCs) on a web page or web-based tool with iSIGHTS’s threat intelligence.
“A key benefit of the Browser Plugin that we’re very excited about is the ability to work with any tool that is web based,” iSIGHT’s Jon Warren wrote in a blog post. “This means that users now have instant integration with cloud based providers as well as vendors that have not yet provided integration via the ThreatScape API & SDK. It even works with OWA email, so you can scan distributions that you are subscribed to. Additionally, this will enable customers who are not equipped or are in the process of integrating with internal tools initial integration capabilities. “
According to the ThreatScape SDK:
• Supports C, C++, C#, Perl and Python
• Supports latest versions of Red Hat Enterprise Linux, Microsoft Server and Windows 7
• Provides users with a group of single-call functions that automate common API tasks
• Reduces coding tasks by up to 80%
• Simplifies integration of vendor technology products and internal customer tools
The ThreatScape Browser Plugin is a Google Chrome extension that scans web pages and gives users “one click pivoting” from web sites and web tools to iSIGHT Partners intelligence. With the Plugin, users can match indicators on a web page with intelligence in ThreatScape Cloud and instantly access full reports for deeper context. Supported indicator types, include: IP addresses, domain names, file names, MD5, SHA1, SHA 256 and fuzzy hashes.
iSIGHT launched its ThreatScape API in 2014 and is currently working with twenty integration partners that leverage the company’s intelligence to enhance a range of security products from Security information and event management (SIEM), firewalls and security gateways to incident response, Governance, risk management and compliance (GRC) and Threat Intelligence Platforms.
