Centralized Threat Information Service API

APIs developed for cyber-threat purposes that communicate with the relevant endpoints

Realization year

2020

Result

PoC product successfully communicating with third-party endpoints, including unit tests and system tests.

Used Technologies

Python

websockets

asyncio

Django

REST API

MySQL

MISP

Splunk

Demisto

Challenge

Big data, short latencies, customer working in multiple time zones across the globe.

Details

To collect, interconnect and prepare data for further analysis, a centralised cyber threat security system is used. Our goal is to access this system through its APIs and extend them to communicate with third-party enrichment libraries:

  • FireEye
  • VirusTotal
  • MTS (Booz Allen Hamilton)
  • MISP
