Overview
Thanks to Cortex, observables such as IP and email addresses, URLs, domain names, files or hashes can be analyzed using a Web interface. Analysts can also automate these operations and submit large sets of observables from TheHive or through the Cortex REST API from alternative SIRP platforms, custom scripts or MISP. When used in conjunction with TheHive, Cortex largely facilitates the containment phase thanks to its Active Response features. This AMI is brought to you by StrangeBee, the company founded by three co-creators of TheHive to provide its users with deep expertise and a unique know-how. By doing so, StrangeBee boosts both the development of the product, new features for TheHive & Cortex as well as the ecosystem.
Highlights
- Multi-tenancy
- Analyzer library
- Responder library
Details
Typical total price
$0.192/hour
Features and programs
Financing for AWS Marketplace purchases
Pricing
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
|---|---|---|---|
t3.xlarge | $0.00 | $0.166 | $0.166 |
t3.2xlarge | $0.00 | $0.333 | $0.333 |
t3a.xlarge | $0.00 | $0.15 | $0.15 |
t3a.2xlarge | $0.00 | $0.301 | $0.301 |
m5.xlarge | $0.00 | $0.192 | $0.192 |
m5.2xlarge | $0.00 | $0.384 | $0.384 |
m5.4xlarge | $0.00 | $0.768 | $0.768 |
m5.8xlarge | $0.00 | $1.536 | $1.536 |
m5a.xlarge | $0.00 | $0.172 | $0.172 |
m5a.2xlarge | $0.00 | $0.344 | $0.344 |
Additional AWS infrastructure costs
Type | Cost |
|---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
This is a free AMI, we offer no refund on any indirect costs such as AWS compute resources.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
This update includes Cortex v3.1.8 with ElasticSearch v7.17.13 on Ubuntu 20.04.6 LTS along with OS updates.
Additional details
Usage instructions
Detailed usage instructions are available at https://www.strangebee.com/iaas/documentation/aws-cortex/
Sample Terraform code is available at https://github.com/StrangeBeeCorp/cloud-distrib-resources/tree/master/aws
SECURITY INFORMATION All sensitive information saved by customers is stored on the two (2) dedicated EBS data volumes attached to your instance: one volume for the Elasticsearch database, one volume for the Docker images. All data is thus located in the same region as your instance.
When using the recommended configuration, all EBS volumes (system and data) should be encrypted using your default regional KMS encryption key.
HEALTH CHECKS To assess and monitor the health and proper function of the application:
- navigate to your Amazon EC2 console and verify that you're in the correct region
- choose Instance and select your launched instance
- select the Status checks tab to review if your status checks passed or failed
Cortex listens on port 9001. You can configure your health checks to verify the following URL: http://server_ip:9001/api/status
Resources
Vendor resources
Support
Vendor support
Support on Cortex AMI deployment aws@strangebee.com aws@strangebee.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
