Actionable Cyber Threat Intelligence (Commercial)
收藏Snowflake2022-03-22 更新2024-05-01 收录
下载链接:
https://app.snowflake.com/marketplace/listing/GZT0Z12MO0NY
下载链接
链接失效反馈官方服务:
资源简介:
KELA’s Actionable Cyber Threat Intelligence is a combination of data automatically collected from a variety of cybercrime underground sources and intelligence insights provided by cyber intelligence subject matter experts.
The data - spanning closed forums, illicit markets, automated cybercrime shops, instant messaging channels used by criminals and more - can be used by defenders in order to understand how their infrastructure is viewed by attackers and facilitate intelligence-driven defense. Perform successful threat hunting and deepen your cyber investigations with contextualized intelligence insights as to attackers’ TTPs, threat actor profiles and identities, hacking discussions and more, or get alerts on targeted threats specifically aimed at your organization by analyzing the adversary’s perspective of its external attack surface.
Sample organization-related tables:
- Leaked Credentials
- Compromised Accounts
- Breached Servers
- Finished Intelligence
Fields Included:
- Email
- Username
- Password
- Target Service
- Posted Date
- Source name
- IP Address
KELA的可操作化网络威胁情报(Actionable Cyber Threat Intelligence)是整合了从各类网络犯罪地下渠道自动采集的数据,与网络情报领域专业专家提供的情报洞察的数据集。
该数据集覆盖封闭论坛、非法交易市场、自动化网络犯罪服务平台、犯罪分子使用的即时通讯频道等多类来源,可供防御方洞悉攻击者对其基础设施的审视视角,助力构建情报驱动型防御体系。
用户可依托该数据集获取攻击者战术、技术与流程(Tactics, Techniques and Procedures,简称TTPs)、威胁组织画像与身份信息、黑客讨论内容等上下文情报洞察,以此开展高效威胁狩猎、深化网络安全调查;或通过分析攻击者对外攻击面的视角,获取针对本组织的定向威胁预警。
关联组织示例数据表:
- 泄露凭证(Leaked Credentials)
- 受控账户(Compromised Accounts)
- 已攻陷服务器(Breached Servers)
- 成品情报(Finished Intelligence)
包含字段:
- 电子邮箱(Email)
- 用户名(Username)
- 密码(Password)
- 目标服务(Target Service)
- 发布日期(Posted Date)
- 来源名称(Source name)
- IP地址(IP Address)
提供机构:
KELA创建时间:
2022-03-20
搜集汇总
数据集介绍

背景与挑战
背景概述
该商业网络威胁情报数据集整合了暗网论坛、犯罪市场等多源数据及专家分析,提供攻击者TTPs、威胁画像等可操作情报,包含泄露凭证、入侵账户等结构化数据字段,支持防御者从攻击者视角开展威胁狩猎和针对性防护。
以上内容由遇见数据集搜集并总结生成



