More Tips for Entity Type Analysis and Monitoring
Predict 21: The Intelligence Summit Register Today

More Tips for Entity Type Analysis and Monitoring

December 26, 2013 • Chris

We recently introduced our refined Entity Type query capability by showing how to ask and answer big web intelligence questions that cut across broad categories.

Today we’ll provide a short update on that capability by detailing the Entity Types available for analysis in Recorded Future.

What Entity Types Are Available to Query?

There are several super categories containing more precise entity types: Location, Corporate, Organization, Product and Commodity, Person, Cyber, Technical Indicator, Technology, and Financial.

Each category contains one or more Entity Types on which you can run a query:

Location

  • Continent
  • Country
  • Province or State
  • Region
  • City
  • Facility (e.g. airports, universities, stadiums)

Example: Protests this week at the city level in Europe

Corporate

  • Industry
  • Company

Example: Cyber threats against companies this week

Technical Indicators

  • IP Address – Includes IPv4 and IPv6 addresses
  • Hash – Includes MD5 and SHA-1 hash values
  • Identifier – Vulnerability and security bulletin identifiers, including identifiers from NIST CVE registry, Microsoft, Adobe, SUSE, and RedHat
  • Domain – Internet domain names, derived from URLs and email addresses
  • Registry Key – Windows registry key names
  • File Name – Executable filenames

Example: IP addresses and domains linked malware during the past 48 hours

Get Started with Entity Type Queries

When you’re ready to try things out for yourself, we have two valuable resources to keep on hand. Open the support docs detailing “how to” on Entity Type queries as well as the comprehensive list of Entity Types available for querying.

Try setting up alerts on these concepts as well to see how they provide a wide range of view. As always, let us know if you have any questions by sending a message to support [at] recordedfuture [dot] com.

New call-to-action

Related Posts

Using Intelligence to Prioritize AWS Guard Duty Alerts

Using Intelligence to Prioritize AWS Guard Duty Alerts

March 10, 2021 • Meghan McGowan

Security operations teams are inundated with alerts and threats making it difficult for them to...

Announcing Security Intelligence for Splunk — For Free

Announcing Security Intelligence for Splunk — For Free

February 23, 2021 • Ellen Wilson

Today, we’re thrilled to announce the launch of a free 30-day trial of our integration for Splunk...

Special Delivery: Recorded Future Hunting Packages

Special Delivery: Recorded Future Hunting Packages

September 25, 2019 • The Recorded Future Team

Quickly detecting and preventing malicious activity is imperative to effectively protecting your...