Hoshdar: Threat Intelligence Sharing System
Hoshdar is a specialized cyber threat intelligence (CTI) system. After monitoring, collecting and analyzing information, it provides lists of malicious domains, IPs, URLs, etc. with minimal false positives through an API and a user interface.
The set of feeds available in the Hoshdar system plays a significant role in enhancing the capabilities of commercial security platforms (SIEM, SOAR and TIP) and in assisting Security Operations Centers (SOC) and Managed Security Service Providers (MSSP).
- List of malicious IPs: Using advanced scoring algorithms, the Hoshdar system provides a timely list of malicious IPs with minimal false positives on a daily basis, in different categories such as scanner, C&C, etc.
- List of malicious URLs: By checking and analyzing various internal and external sources, the Hoshdar system provides a list of malicious URLs on a daily basis in different categories such as phishing, malware, etc.
- List of malicious domains: The Hoshdar system provides a list of the latest malicious domains after checking and verifying them on a daily basis. This list includes different categories such as phishing domains, botnet related domains, etc.
- Geographic information of IPs: The Hoshdar system provides users with a timely list of geographic information for all IPs in use.
- Build better cyber security platforms: Providers and users of security platforms such as SIEM and Firewall, as well as Threat Intelligence Platforms (TIPs), use our information to enhance their capabilities and better contextualize and prioritize threats.
- Identify infected systems on your network: Using the IPs and domains of the C&C servers listed in the system, you can identify infected systems that attempt to communicate with these servers.
- Restrict access to your network in times of threat: During a threat, you can use the updated list of geographic information of IPs to limit access to your network, for example, to IPs inside the country (Iran Access).
- Do not allow attackers to scan your network: When a new vulnerability is detected, the list of reported scanners related to that vulnerability is placed in the system as soon as possible.
- Assess and then improve your security posture: Security Operations Centers (SOCs) leverage the breadth and depth of our knowledge to improve cybersecurity processes and strategies.
- Stop connecting to malicious domains: By using the list of malicious domains in your organization's DNS, you can prevent your network users from connecting to these malicious domains.
- Advanced Dashboard
- Support for Authentication Protocols
- Analysis of Suspicious Cases
- Ability to Prune Infected Emails on Email Servers