- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
10-03-2017 11:58 AM
Google has a threat list api, has anyone created a miner for it?
10-05-2017 06:48 AM
@chirss Google Safe Browsing lists are not really "lists". It is an API that will give you information about a given URL. I mean: you have a URL and you're wondering what Google's Safe Browsing thinks about that URL. You can use the API for such a case.
I'm planning an "Enrichement Framework" for MineMeld that will be able to attach additional attributes to indicators. A Google Safe Browsing node for the Enrichement Framework would be awesome.
10-05-2017 08:31 AM
Ya that's what I want as well. If I can compare url information from a feed with what safebrowsing thinks of it and then come up with a ranking to be used by different outputs that would be ideal. Is this what you are thinking? I haven't played enough with miner creation to build anything like this out.
10-05-2017 08:32 AM
Also maybe a miner isn't the right thing so much as a processor. If an ioc hits the processor it then queries the api (within limits of the api).
There are an awful lot of reputation type things which could possibly be used in a similar manner.
10-05-2017 08:44 AM
You're following my same path.
This is why I reached to the point that a "Enrichement Framework" for MineMeld would be welcome by the community. So I have it in my current plan of intentions.
10-05-2017 09:50 AM
Ya exactly.
The problem I'm finding is a lot of the miners likely have duplicate entries of some kind. So I'm sending them all to the same processor for similar types of feeds (phishing type miners to phishing processor for example). However I have to validate everything coming in before being able to trust it, i.e. verify before trusting.
The scenario you're talking about would be very beneficial in at least this scenario.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!