Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Now supporting OpenIOC via our API! - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Now supporting OpenIOC via our API!
The SANS Internet Storm Center is proud to announce the release of our first OpenIOC format API call. We have been hard at work writing a method that serves our firewall logs as OpenIOC XML content dynamically from a RESTful HTTP request. This is a critical step in expanding our service offerings to you, our readers, members and contributors.
 
You can use tools that ISC handler Russ McRee mentioned in a previous diary to convert output from this new method into STIX format. This is just the beginning however; the development roadmap includes the addition of another API method with the same data served in STIX format!
 
Ready to get started? View the documentation here: https://isc.sans.edu/api/#openiocsources
 
Please share your feedback as well as use cases and success stories as they unfold in the comments below.
 
A big thanks to Russ McRee for his assistance with testing and the writing of this announcement!

-- 
Alex Stanford - GIAC GWEB & GSEC
Research Operations Manager,
SANS Internet Storm Center

Alex Stanford

136 Posts

Sign Up for Free or Log In to start participating in the conversation!