Hash Cards

Hash Intelligence Cards (aka Hash Cards) provide an on-demand summary of essential information related to a specific Hash, and are updated in real time as Recorded Future collects new information. You can use Hash Cards as a starting point when assessing whether observation of a given Hash in a specific context is an Indicator of Compromise, and further can be used in security control rules to block or detect incidents. Hash Cards are also pivot points during investigations that start with another indicator, a malware tool, a vulnerability, or a threat actor.

Descriptions of several common components of the Hash Card are found in the Overview of Intelligence Cards; the details below are specific to the Hash Card:

Hash Card: Risk Scoring

Hash Risk Scores distinguish malicious file hashes from web reporting on hashes used for other technical purposes: passwords, digital fingerprints, certificates, etc. The risk rules for Hashes currently do not have an age out criteria. Once scored as malicious, a Hash will remain permanently malicious.

Hash Cards provide full transparency, sourcing all of the evidence behind a Risk Score.

Intelligence Partner Extensions

Extensions are integrations that enhance Hash Cards with content from our Intelligence Partners. Click here to learn more.  We also have training page specific to the extensions available on a Hash Card.  

Was this article helpful?
0 out of 0 found this helpful

The content of this article is confidential and intended solely for the use of individuals with authorized access to the Recorded Future service. Do not download or distribute this article.
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment. Please note that your name will be displayed. If you would like to change how your name appears, please update your profile name.