RST Cloud Threat Intelligence API is a cloud-based threat intelligence pay-as-you-go service that you can use for various tasks. You can lookup file hashes, domains, URLs, and IPv4 addresses to check if these are malicious (RST IoC Lookup) or are "known-good" values (RST Noise Control). Also, it allows to lookup WHOIS registration data for domains (RST Whois API).

Key Features:

1. Actionable Insights

Receive detailed indicators with comprehensive metadata, such as threat categories, severity levels (via scoring), related indicators, CVE, malware family names, attack tools and frameworks, threat actor information and additional contextual data. Empower your security teams to respond effectively to threats and take appropriate actions.

2. Reduce False Positives

Check alerts from other systems before raising a ticket in JIRA, ServiceNow or other platforms. This is done via a query to RST Noise Control service which comes as a part of this offering. Simply lookup if a value is a known good. Avoid alerting on known DNS servers, CDN IP, well-known domains, common hashes of Windows or its components like calc.exe or notepad.exe.

3. Comprehensive Threat Intelligence

Leverage our extensive threat intelligence database, continuously updated with the latest indicators of compromise (IOCs) from reputable sources, security vendors, individual threat intel researches worldwide, and research communities.

4. Simple Integration

Seamlessly integrate our API into your existing security infrastructure such as TIP, SIEM, SOAR systems or other applications with minimal effort. We provide comprehensive documentation and sample code to ensure a smooth integration process.

5. Cost-Effective

Pay only for the resources you consume with our flexible pricing model. Our cloud-based approach eliminates the need for on-premises infrastructure, reducing your operational costs and enabling you to focus on core security tasks.

6. Fast and Accurate Results

Obtain real-time threat intelligence with lightning-fast response times. Our advanced algorithms and infrastructure enable rapid identification, attribution, and categorisation of known threats, empowering you to make informed security decisions.

7. Multiple Query Options

Query our API using various indicators, including malware file hashes, domains, URLs, and IPv4 addresses. Gain a holistic view of potential threats associated with specific IOCs and take proactive measures to mitigate risks.

8. Scalable and Reliable

Built on the robust AWS infrastructure, our service offers high scalability, availability, and reliability. Handle peak loads effortlessly, ensuring uninterrupted threat intelligence services for your organisation.

9. Secure and Private

We prioritise data privacy and security. Your queries and sensitive information are handled with the utmost confidentiality and protected through industry-standard security practices and protocols.