)
We at Cybersixgill are excited to announce that Maltego users can now use our threat intelligence to gain visibility into the deep and dark web.
As of today, these organizations can use Maltego’s platform to find the most relevant data from Cybersixgill’s full collection of cyber threat intelligence – the most comprehensive set of threat intelligence from the deep and dark web on the market today. This will allow Maltego users to integrate data from Cybersixgill with other intel sources and their own threat intelligence, helping them to streamline their investigations.
A popular open-source intelligence and graphical link analysis platform for conducting investigations, Maltego enables organizations to bring together a wide variety of data points and combine them visually in order to find connections and draw conclusions. This information is collected and analyzed based on instructions contained in code snippets known as Transforms. Through Maltego’s Transform Hub, users can bring together threat intelligence from various leading vendors and public sources – which they can then combine with their own threat intel. By mapping this information visually, Maltego empowers users to efficiently put clues together and simplifies the process of investigating threats and threat actors.
How can Maltego users make the most of Cybersixgill’s threat intelligence?
Now that threat intelligence from Cybersixgill is available directly via Maltego’s Transform Hub, Maltego users can use Transforms from Cybersixgill to make their investigations faster and more comprehensive.
Organizations can use Cybersixgill’s intelligence to follow what we call a “zoom-out, zero-in” approach to investigating a possible cyberattack: They can first zoom out on a narrow lead in order to see its broader context, and after examining this context they can zero in on a specific suspect.
Additionally, users of Maltego’s platform now have the option of diving deeper into Cybersixgill’s threat intelligence from the deep and dark web by pivoting to our full Investigative Portal through a secure API.
How Can I Start Using the Cybersixgill Transforms in Maltego?
In order to use Cybersixgill, one needs a Cybersixgill Client ID, Cybersixgill Client Secret as well as a commercial Maltego license.
There are three ways to access Cybersixgill data within Maltego:
Data Bundles: You may purchase a data bundle for Cybersixgill on a subscription basis in the Maltego webshop. Data bundles start at 250 Transform runs per month.
Bring Your Own Key: If you are an existing Cybersixgill customer, reach out to your contact person at Cybersixgill to gain access to the Hub item. If you are not yet a Cybersixgill customer, please reach out to Maltego using the contact form here.
Enterprise Data Allowance: As a Maltego Enterprise user, you can access and install the Cybersixgill Hub item in the Maltego Desktop Client and directly try out the data. Each Enterprise user has the allowance to run 10 Cybersixgill Transforms per month.
What Type of Information Can I Get from Cybersixgill?
Analysts begin their investigations using Cybersixgill and Maltego with an Alias, URL, Hash, Domain, or IP Address. From there, investigators can run Transforms to uncover information related to:
Domains
IP Addresses
Intel Item Posts
Threat Actors
Threat Sources
URLs
Mentioned Hashes
For more on how Cybersixgill empowers Maltego users to enhance their investigations, check out our full press release here.
)
)
)
)