New analyzers and templates for RiskIQ Illuminate #1013

Merged
merged 8 commits into from Jun 20, 2022

aeetos
Contributor

@aeetos aeetos commented Jun 29, 2021

Introduces new analyzers and templates for RiskIQ Illuminate.

RiskIQ Illuminate is the next-generation product from RiskIQ, the company behind PassiveTotal. Many of these new analyzers overlap with datasets already in use in the existing PassiveTotal analyzers, but we wanted to take a fresh approach to their presentation and code, and also leverage our newly-updated passivetotal Python library. This helps ensure no breaking changes for existing users of the PassiveTotal analyzers.

We are also offering a pattern for testing analyzers and automatically generating JSON service files (see _services.py for details). This helped us quickly test our analyzers at the command line and ensured consistency in the JSON service files. It may be something to consider adding to your cortexutils Python library.

Looking forward to hearing your feedback.

-- Mark

@garanews garanews added the category:new-analyzer New analyzer submitted label Jun 30, 2021
@nadouani nadouani added this to the 3.1.0 milestone Jul 22, 2021
@nadouani
Contributor

Hello @aeetos, thanks for the great job. We will review this PR for the 3.1.0 release. We will ask you for some more inputs, especially for the documentation/screenshots/logos etc...

@jeromeleonard jeromeleonard self-requested a review January 24, 2022 17:41
@jeromeleonard jeromeleonard changed the base branch from master to develop January 24, 2022 17:53
@jeromeleonard
Contributor

Hello @aeetos,

I'm currently reviewing your PR. Before merging it, I wonder if you could share some screenshots of analyzer reports? That way, I could update the analyzers' definition files and have them displayed on the documentation site (to have a page like this one: https://thehive-project.github.io/Cortex-Analyzers/analyzers/DomainToolsIris/).

Indeed, the documentation site is automatically built with the help of JSON files and content (https://thehive-project.github.io/Cortex-Analyzers/dev_guides/analyzers_definition/).

@jeromeleonard jeromeleonard self-assigned this Jan 24, 2022
@jeromeleonard jeromeleonard added the status:waiting-for-reply Waiting for reply from user label Jan 25, 2022
@nadouani nadouani removed the status:waiting-for-reply Waiting for reply from user label Jun 20, 2022
@nadouani nadouani merged commit 5a9fbe0 into TheHive-Project:develop Jun 20, 2022