{"id":22067,"date":"2020-11-02T18:22:55","date_gmt":"2020-11-02T12:52:55","guid":{"rendered":"https:\/\/www.kaspersky.co.in\/blog\/open-tip-updated\/22067\/"},"modified":"2020-11-02T18:23:39","modified_gmt":"2020-11-02T12:53:39","slug":"open-tip-updated","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.in\/blog\/open-tip-updated\/22067\/","title":{"rendered":"OpenTIP, season 2: Come on in!"},"content":{"rendered":"

A year ago I addressed<\/a> cybersecurity specialists to let them know about a new tool we\u2019d developed. Our Open Threat Intelligence Portal<\/a> (OpenTIP) offers the same tools for analysis of complex threats (or merely suspicious files) as our GReAT<\/a> cyberninjas use. And lots of other folks use them now too, testing zillions of files every month.<\/p>\n

But a lot has changed in the past year, with practically the whole world having to work remotely<\/a> because of coronavirus, which in turn makes life more difficult for cybersecurity experts. Maintaining the security of corporate networks has become a hundred times more troublesome. As precious as time was before COVID-19, it is even more dear now \u2014 and today, the request we get most from our more-sophisticated users is simple and direct: API access and higher rate limits.<\/p>\n

You asked, and we delivered.<\/p>\n

\"New<\/a><\/p>\n

The new version of OpenTIP offers user registration, and I highly recommend regular visitors do register; a large chunk of the paid Threat Intelligence Portal<\/a> appears when you do.<\/p>\n

First, did you know you could use the API to send artifacts for testing? You can integrate OpenTIP into your analysis processes whichever way you find quick and convenient. In addition to unlimited quantities of files, you can also test other suspicious artifacts such as URLs, IPs, and hashes.<\/p>\n

Second, for executable files, in addition to the verdict about which contents seem suspicious, OpenTIP now supplies more raw material for analysis, by which I mean not only data about the structure of PE files, but also text strings extracted from them. Our super cool cloud sandbox<\/a>, which is actually a paid product in its own right, is also available. And finally, a \u201cPrivate submission\u201d button appears in the settings, permitting a check of artifacts without anyone knowing they were submitted to OpenTIP. From the start, we haven\u2019t allowed anyone<\/a> to view other\u2019s files, but now it\u2019s possible to keep tested portal indicators from the public history.<\/p>\n

\"Kaspersky<\/a><\/p>\n

Even without registration, OpenTIP improvements will be noticeable.<\/p>\n

The Web interface is more convenient, time-saving, and easy on the eyes, and analysis results are much more informative.<\/p>\n

We\u2019ve also applied extra behavior analysis technologies in the second version of OpenTIP. You won\u2019t get a simple \u201cinfected\/clean\u201d verdict, as with traditional endpoint protection, but rather a detailed analysis of suspicious properties, on the basis of which an analyst can decide whether to dig further. For suspicious URLs, categorization of dangerous properties will be available as well.<\/p>\n

\"Kaspersky<\/a><\/p>\n

For those who need even more, the paid version of the Threat Intelligence Portal<\/a> is much richer \u2014 in part because of the access to detailed reports on detected cyberthreats from our top analysts.<\/p>\n

How to subscribe<\/h2>\n

Enough with the abstract descriptions: Why not stop reading and have a go for yourself? Simply throw a suspicious file at OpenTIP<\/a>.<\/p>\n

For those who haven\u2019t yet subscribed to our Threat Intelligence services, I know you will find the portal indispensable (yes, I remember VirusTotal, but I talked about that last time<\/a>). But most of all, OpenTIP will be indispensable to those who adapt it to their daily processes of analyzing all manner of cyber-nastiness.<\/p>\n","protected":false},"excerpt":{"rendered":"

We have updated our Open Threat Intelligence Portal, a tool for experts and security analysts. <\/p>\n","protected":false},"author":13,"featured_media":22074,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2036,2609,7,2610],"tags":[1931,3015,2273],"class_list":{"0":"post-22067","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-products","10":"category-smb","11":"tag-experts","12":"tag-threat-analysis","13":"tag-threat-intelligence"},"hreflang":[{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/open-tip-updated\/22067\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/open-tip-updated\/17546\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/open-tip-updated\/23593\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/open-tip-updated\/21747\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/open-tip-updated\/20441\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/open-tip-updated\/24191\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/open-tip-updated\/23224\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/open-tip-updated\/29383\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/open-tip-updated\/8998\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/open-tip-updated\/37512\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/open-tip-updated\/15903\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/open-tip-updated\/16334\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/open-tip-updated\/14129\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/open-tip-updated\/25639\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/open-tip-updated\/29510\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/open-tip-updated\/26322\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/open-tip-updated\/23056\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/open-tip-updated\/28375\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/open-tip-updated\/28197\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.in\/blog\/tag\/threat-intelligence\/","name":"threat intelligence"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/22067","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/comments?post=22067"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/22067\/revisions"}],"predecessor-version":[{"id":22073,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/22067\/revisions\/22073"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media\/22074"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media?parent=22067"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/categories?post=22067"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/tags?post=22067"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}