Mandiant Threat Intelligence

This article describes the Intelligence Card Extension for FireEye Threat Intelligence.  

File:New Mandiant Logo-FULL COLOR.png - Wikipedia

About Mandiant

Mandiant (formerly, part of FireEye and now part of Google) provides cyber threat intelligence through their ThreatScape API.  The extension enriches IP Address, Domains, file hashes, URLs, malware, and vulnerability intelligence cards with cyber threat intelligence.

You must have commercial access to Mandiant Threat Intelligence to use this extension and will need your public and private API keys.  These are different from your username/password for the Mandiant Advantage portal and can be obtained from your Intelligence Account Manager.

Note that the current intelligence card extension makes use of API v4.  An older version of this extension has been deprecated in August 2023; it used v2.2 of the ThreatScape API.

Please also see the Getting Started With Intelligence Card Extensions page if you're interested in enabling this extension.

 

Extending Intelligence Cards

You can search Mandiant Threat Intelligence for a list of any published reports that include the given IP Address, Domain, File Hash, URL, Malware, and Vulnerability. The response varies by entity type, and can include:

  • Link to the Mandiant Advantage Portal
  • Mandiant title
  • Mandiant Unique ID for the entity
  • Mandiant Malicious score
  • Last update date
  • Last seen date
  • Exploit Stage (for vulnerabilities
  • Entity Description
  • Affected Operating System
  • Capabilities

​Example (for malware "Locky"):

 

Example (for vulnerability "CVE-2014-0160"):

 

This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
1 out of 1 found this helpful

Articles in this section

See more