To help you stay on top of emerging threats with the most updated detection rules, we have extended Intezer’s threat family tracking:
- Intezer’s Detect & Hunt feature is now available per threat family. While the Detect & Hunt tab previously surfaced detection opportunities for a single file, it is now possible to view aggregated IoCs and detection content for an entire threat actor or malware family. Detect & Hunt allows you to extract high-quality IoCs and detection content (to use in your SIEM or EDR) quickly and effectively. This saves you the time and effort of "fishing" for relevant artifacts in overwhelming sandbox reports.
- Users can now track threats of interest and receive updates about new detection opportunities.
To get to the family page, search for a specific family or click on the family link in the analysis page. Let’s browse to the Emotet family page.
From the analysis page:
On the family page, you can find the Detect & Hunt tab with the most up-to-date detection opportunities for the family.
Track the threat to get updates and keep your detection content up to date.
You will receive a weekly email notifying you about any new detection opportunities for threats you have subscribed to.