3/13/2018 Implementing Cisco Cybersecurity Operations

4.10 Identifying Resources for Hunting Cyber Threats

Other External Threat Intelligence Sources an

Feeds Reference

Many sources are available for the SOC analyst to learn about various threats. Each SOC maintains similar threat
intelligence lists that are tailored to its individual preferences, and the lists are modified as sites become more or less
relevant or as new sites are created.

Recommended Security Tool Bookmarks

Malware detection and analysis sites:

• https://www.virustotal.com/

• http://totalhash.com/

• https://malwr.com/analysis/search/

• https://www.hybrid-analysis.com/

• http://www.herdprotect.com/knowledgebase.aspx

• http://www.phishtank.com/

• http://md5hashing.net/hash_type_checker

• http://threatglass.com/tiles

• https://threatcrowd.org

Web content verification sites:

• https://hackvertor.co.uk/public

• https://www.senderbase.org/

• http://www.rexswain.com/httpview.html

• http://urlquery.net/

• http://ipvoid.com/

• http://pgl.yoyo.org/urlex/

• http://www.internetofficer.com/seo-tool/redirect-check/

Network utilities:
• http://www.whatismyip.com/ip-address-host-name-lookup/

• http://centralops.net/co/

https://ondemandelearning.cisco.com/cybersec-fastlane/secops/sections/4/pages/10 1/1