Supported modes

You can work with Kaspersky Threat Intelligence Portal in one of the following ways:

Kaspersky Threat Intelligence Portal web interface

You can work with Kaspersky Threat Intelligence Portal online by using any of the supported browsers. After signing in, you can run requests, search for WHOIS information on domains and IP addresses, and execute objects in the Kaspersky Sandbox. A history of your previous requests is also available. All investigation results can be exported in CSV, OpenIOC, or Structured Threat Information eXpression (STIX™) format. You can search for and download APT Intelligence reports and Crimeware Threat Intelligence reports in the PDF, OpenIOC, or YARA Rules format. The ICS Threat Intelligence Reporting and Digital Footprint Intelligence functionality is also available. Furthermore, you can also view and purchase licenses.

Kaspersky Threat Intelligence Portal Plugin

Kaspersky Threat Intelligence Portal Plugin is designed for Enterprise users subscribed to a commercial version of Kaspersky Threat Intelligence Portal and enables users to lookup web addresses, IPs, hashes (MD5, SHA-1, and SHA-256), and domains straight from the viewed web pages using the Kaspersky Threat Intelligence Portal lookup functionality. The plugin also lets subscribers gain rich threat context around IoCs, enabling them to make faster prioritization decisions. The goal of the plugin is to immediately provide your security teams with as much data about IoCs as possible from any web page, allowing you to speed up your threat investigation activities. IoCs are highlighted automatically.

You can add Kaspersky Threat Intelligence Portal Plugin to your Chrome browser via the Chrome Web Store.

Kaspersky Threat Intelligence Portal API

You can create lookup and report requests to Kaspersky Threat Intelligence Portal, as well as execute objects in the Kaspersky Sandbox by using the Kaspersky Threat Intelligence Portal API. Investigation results are provided in JSON format. The APT C&C Tracking, ICS Threat Intelligence Reporting, and Digital Footprint Intelligence API methods are also available.

Page top