CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update analyzer docs with information about analyzers that require authentication

Browse Source
This commit is contained in:
weslambert
2022-05-10 09:32:18 -04:00
committed by GitHub
parent 000e813fbb
commit 34d57c386b
1 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
salt/sensoroni/files/analyzers/README.md
View File

@@ -18,6 +18,23 @@ The built-in analyzers support the following observable types:
| Urlscan |✗ |✗|✗|✗|✗|✗|✗|✓|✗| | Urlscan |✗ |✗|✗|✗|✗|✗|✗|✓|✗|
| Virustotal |✓ |✓|✓|✗|✗|✗|✗|✓|✗| | Virustotal |✓ |✓|✓|✗|✗|✗|✗|✓|✗|
## Authentication
Many analyzers require authentication, via an API key or similar. The table below illustrates which analyzers require authentication.
| Name | Authn Req'd|
--------------------------|------------|
[Alienvault OTX](https://otx.alienvault.com/api) |✓|
[EmailRep](https://emailrep.io/key) |✓|
[Greynoise](https://www.greynoise.io/plans/community) |✓|
JA3er |✗|
LocalFile |✗|
[Pulsedive](https://pulsedive.com/api/) |✓|
Spamhaus |✗|
Urlhaus |✗|
[Urlscan](https://urlscan.io/docs/api/) |✓|
[Virustotal](https://developers.virustotal.com/reference/overview) |✓|
## Developer Guide ## Developer Guide
### Python ### Python