This article describes the Intelligence Card Extension for Cyborg.
Feedback and improvement ideas are welcome! Please contact Manoj Subramanya.
About Cyborg
Cyborg Security is a leading provider of advanced threat hunting solutions, with a mission to empower organizations with cutting-edge technology and collaborative tools to proactively hunt and respond to cyber threats. Cyborg Security’s flagship offering, the HUNTER Platform, provides access to a curated library of expertly-crafted, constantly updated threat hunting content and comprehensive hunt management capabilities to create a dynamic ecosystem for effective threat hunting operations.
This extension is available as both a free community integration and as a paid, commercial integration. If you are a Cyborg customer, use your API key for Hunter to enable the integration. If you are not an existing Cyborg customer, you can type "free" for the Hunter API key and gain complimentary access to the Hunter intelligence.
Please also see the Getting Started With Intelligence Card Extensions page if you're interested in enabling this extension.
Extending Malware Intelligence Cards
You can find the Cyborg extension on Malware intelligence cards:
When the logo is clicked on, an API call with made to Cyborg and if the malware name is found in their malware library, the corresponding content will be displayed. This includes how many hunt packages they have related to this malware, and for each, the nature of the hunt package and a link back to the Cyborg Hunter platform to get more details about each package.
As of August 2, 2023, Cyborg has confirmed that at least 85 malware names from Recorded Future match with their database; collectively, they include a total of 458 hunt packages.
Screenshot below is the results for "Redline Stealer"
More Information:
More information about Cyborg and their Hunter platform can be found at https://www.cyborgsecurity.com/