Alien Vault Threat Crowd was integrated by Mindflow to enable users to automate their incident management and better protect their information system.

Threat Crowd Overview

AlienVault Threat Crowd is an open-source threat intelligence search engine. Users share their threat intelligence to create and foster global cooperation. On the platform, users share IP addresses, URLs, email addresses, domains, and other types of intel to facilitate their discovery in your systems and enrich the information gathered.

Using the Threat Crowd API on Mindflow, users can search for:

• Domains
• IP Addresses
• URLs
• E-mail addresses
• File hashes
• Antivirus detections

As a general rule of behavior, users should limit their requests to no more than one request every ten seconds. Brief bursts can exceed this (eg; if you’re using Maltego to enrich a large set of indicators) so long as they don’t significantly impact the server’s performance.

Benefits

• Enrich your investigation by gathering threat intelligence about MD5 or SHA1 hashes, IP addresses, antivirus software, domain names, and email addresses from the solution
• Submit votes for malicious indicators