Case Artifacts

This service includes case artifacts from public reports including IOCs. These artifacts may include event logs, memory dumps, packet captures, Zeek logs, webshells, ransomware files, and other intrusion related files. This service will also grant you access to our threat intel platform.

Security Researchers

You’re a security researcher who wants to analyze case artifacts for learning and/or fun and is not doing so on behalf of an organization. Artifacts are to be treated as TLP:RED. You can sign up here.

Companies and Organizations

This service also includes access to the threat intelligence platform’s API to pull IOCs/events. This service is great for in house training or detection engineering. Download our artifacts and walk step by step through the intrusion. Artifacts are to be treated as TLP:AMBER+STRICT. Includes email Q&A as time permits. You can sign up here.