AlienVault OTX now supports YARA rules!
But Yara isn't the only addition to OTX since our last update.
More HTTP data
We have data on malicious and suspicious URLs going back a number of years. But now you can also see the analysis and relationships with links within the HTML, Whois or SSL Certificate fields.
The value in a platform like OTX is in its users, with each added user an exponential gain for the other users of the community.
We now have over 65,000 registered users, and the number of visitors browsing the site has more than doubled since the beginning of the year. In addition to that, there are hundreds of groups, including 70 public groups where you can collaborate and share information about specific topics or threat actors.
More AlienVault-generated reports
Users that subscribe to the AlienVault user, and particularly those that have the AlienVault threat intelligence subscription, may have noticed we're starting to add a lot more of our own reports on attacks to OTX:
Our analysts create this content by tracking and analyzing multiple threat actors. They are able to do this with the help of an system (internally referred as SkyChip), that identifies clusters of malware that we haven't encountered before.
Integrations and API users
We had another blog discussing all the extensions to the API. It's great to see integrations in several places, and this week Hybrid-Analysis.com has built some awesome integrations utilizing the OTX API:
We're hard at work adding new features to make OTX even more valuable including new ways to personalize OTX, visualizations, and tools to help with malware analysis. If you have thoughts on what you would like to see added to OTX, tweet us @AlienVault or drop an email firstname.lastname@example.org.