Intelligence Card Extension for Cofense

This article describes the Intelligence Card Extension for Cofense. F

Cofense-Logo_Primary.png

About Cofense

Cofense, and specifically their Human-driven Phishing Intelligence, is a reliable and timely way to stop dangerous malware and phishing attacks. Using patented methods to automatically identify top threats to your network, and they provide you with timely actionable intelligence, tools, and coaching to respond to attacks that would otherwise go undetected.  

The extension enriches IP Address, Domain, and Hash cards with cyber threat intelligence.

You must have commercial access to Cofense Intelligence to use this extension and will need an API username and password, which are different from your username/password for the ThreatQ platform.    

Please also see the Getting Started With Intelligence Card Extensions page if you're interested in enabling this extension.

Extending IP Address, Domain, and Hash Intelligence Cards

You can search Cofense for a list of any matching threats that include the given IP Address, Domain, and Hash.  For each threat, the response includes:

  • Threat ID
  • Threat Summary
  • Link to Threat Details (in the ThreatHQ.com portal)
  • Link to Active Threat Report (in the ThreatHQ.com portal)
  • Brand
  • First Published Date
  • Last Published Date
  • Severity
  • Malware Family
  • Malware Family Description
  • Role
  • Role Description
  • Older Threat Reports (if available)

Example (pulled from the IP intelligence card for 178.62.232.244 on April 11, 2018):

Screen_Shot_2018-04-11_at_9.31.21_AM.png

 

Other Resources

Partner Spotlight blog: https://www.recordedfuture.com/partner-spotlight-phishme/
Videos with interviews and demos about Cofense: https://cofense.com/resources/videos/

 

This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
2 out of 2 found this helpful

Articles in this section

See more