New analyzer : Cyberprotect ThreatScore #374

Merged
merged 3 commits into from
Nov 30, 2018


remiallain

View issue #373

@3c7 3c7 added category:enhancement Issue is related to an existing feature to improve status:pr-submitted status:needs-review category:new-analyzer New analyzer submitted and removed category:enhancement Issue is related to an existing feature to improve labels Nov 20, 2018
@nadouani nadouani changed the base branch from master to develop November 30, 2018 15:56
@nadouani nadouani merged commit b2b04d8 into TheHive-Project:develop Nov 30, 2018
@nadouani nadouani added this to the 1.15.0 milestone Nov 30, 2018
@nadouani
Contributor

@remiallain any chance to provide some ioc samples to test the analyzer?

@remiallain
Author

Hello @nadouani, you can test it with this IP: 80.82.77.33
At this time, this service only provides a score/date. We are working on it to provide more information in a future version.

@nadouani
Contributor

nadouani commented Dec 3, 2018

This IP returns the following result:

{
  "summary": {
    "taxonomies": [
      {
        "predicate": "ThreatScore",
        "namespace": "Cyberprotect",
        "value": "not in database",
        "level": "info"
      }
    ]
  },
  "full": {
    "result": {
      "data": "80.82.77.33",
      "scores": [
        {
          "date": "2018-10-12",
          "score": "0.99"
        },
        {
          "date": "2018-10-11",
          "score": "0.558599982559681"
        }
      ]
    }
  },
  "success": true,
  "artifacts": [],
  "operations": []
}

The summary says not in database but we have a score, is this expected?

@nadouani
Contributor

nadouani commented Dec 3, 2018

Forget about it, I've made a change to the report structure but not to the summary function, my bad
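
A regression check for the mismatch discussed in the two comments above, as an added example that is not part of the pull request or the analyzer's own code: it compares the summary taxonomy with `full.result.scores` in the output shape quoted in the thread. The function names, and the rule that a summary may say "not in database" only when `scores` is empty, are assumptions.

```python
import json
from datetime import date

# Constructed sample: trimmed copy of the analyzer output quoted in the thread.
SAMPLE = json.loads("""
{
  "summary": {"taxonomies": [{"predicate": "ThreatScore", "namespace": "Cyberprotect",
                              "value": "not in database", "level": "info"}]},
  "full": {"result": {"data": "80.82.77.33", "scores": [
      {"date": "2018-10-12", "score": "0.99"},
      {"date": "2018-10-11", "score": "0.558599982559681"}]}},
  "success": true
}
""")

NOT_FOUND = "not in database"  # summary value seen in the thread


def latest_score(report):
    """Return (date, float score) of the newest entry in full.result.scores, or None."""
    scores = report.get("full", {}).get("result", {}).get("scores") or []
    parsed = [(date.fromisoformat(s["date"]), float(s["score"])) for s in scores]
    return max(parsed, key=lambda p: p[0]) if parsed else None


def summary_mismatches(report):
    """List contradictions between the short summary and the full report."""
    problems = []
    newest = latest_score(report)
    taxonomies = report.get("summary", {}).get("taxonomies", [])
    if not taxonomies:
        problems.append("summary has no taxonomy")
    for tax in taxonomies:
        says_missing = tax.get("value") == NOT_FOUND
        # Assumed rule: "not in database" is only valid when no score was returned.
        if says_missing and newest is not None:
            problems.append(
                f"summary says '{NOT_FOUND}' but full report has a score "
                f"{newest[1]} dated {newest[0]}")
        elif not says_missing and newest is None:
            problems.append(
                f"summary reports '{tax.get('value')}' but full report has no scores")
    return problems


if __name__ == "__main__":
    for p in summary_mismatches(SAMPLE):
        print("MISMATCH:", p)
```

Run against a saved analyzer report after any change to the report structure, so a summary function left on the old structure shows up as a mismatch.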

nadouani pushed a commit that referenced this pull request Dec 20, 2018
* add cyberprotect threatscore analyzer

* update cyberprotect threatscore analyzer

* modify levelslabel
To-om pushed a commit that referenced this pull request Feb 11, 2019
* add cyberprotect threatscore analyzer

* update cyberprotect threatscore analyzer

* modify levelslabel