CISMCAP

Details
| Author | Joe Lazaro |
| Version | 1.0 |
| License | AGPL-V3 |
| Requires Registration | Yes |
| Requires Subscription | No |
| Free Subscription Available | No |
| DataType Supported | ip, hash, url, domain, fqdn, file |
| Service Homepage | |
Description
Malicious Code Analysis Platform (MCAP) by the Center for Internet Security (CIS). Submit files for analysis or check feeds for known indicators of compromise for other data types.
Configuration
| Name | Description |
| --- | --- |
| key | API key |
| private_samples | Submitted samples will not be shared with other members of the portal |
| minimum_confidence | Restrict to IOCs with this confidence score or higher. |
| minimum_severity | Restrict to IOCs with this severity score or higher. |
| polling_interval | Interval (seconds) between requests for sample status. |
| max_sample_result_wait | Maximum time to retry requests for sample status. |
Additional details from the README file:
The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. elections offices.
Malicious Code Analysis Platform (MCAP) is a no-cost web-based sandbox which enables MS-ISAC and EI-ISAC members to submit suspicious files such as executables, DLLs, documents, quarantine files, and archives for analysis in a controlled and non-public fashion. The platform also enables users to perform threat analysis based on domain, IP address, URL, hashes, and various Indicators of Compromise (IOCs).
This analyzer allows you to submit a variety of observables to MCAP to analyze files or check feeds for known indicators of compromise for other data types.
To read more, visit https://www.cisecurity.org/ms-isac