    Recorded Future Maltego Integration — Now With Moar

    By Matt Kodama on August 17, 2015


    At Black Hat 2015, we were busy previewing the new version of our Maltego integration! If you didn’t see us out in the desert this year, here are highlights of upcoming improvements from Recorded Future and our partner Malformity Labs.

    More Intel

    First off, we are packing a lot more intel information into the Entities returned by our Maltego transforms. An intelligence summary is returned for IP addresses, domains, and hashes and appears in the Detail View. The summary lists related infrastructure, malware, or CVE vulnerabilities. For example, here’s the summary for an IP address recently linked to the IpTabLex botnet:

    [Image: IP Address Details]

    We’re packing more intel into document entities too. For example, here’s the summary for a recent blog post about CVE-2015-3113:

    [Image: Document Details]

    Of course, you’ll want to read the original yourself, using the source link. This improved summary gives you a clear “information scent” for what’s available in that document.

    More Efficiency

    Building on these same intel summaries, we’ve added new transforms for IP addresses, domains, and hashes that retrieve those top related entities directly, without drilling down into detailed document-level intel. This makes it faster to pull related entities into your investigation, vet them for hits in your other technical intel sources, and focus your investigation on those interesting multi-source hits.

    Below is a graph snippet with the top 12 hits for a specific domain – one that is not malicious per se, but is reportedly exploited as secondary infrastructure. After checking off these IPs against other internal logs and other intel sources, you can zero in on the interesting ones.

    [Image: Maltego Domain to IP Address]

    More Drilldown

    For some entities, these summaries cover a lot of information – more than can readily be pushed back into Maltego. The full summary is available through a drilldown link back to Recorded Future. Here’s the beginning of the summary for that same domain:

    [Image: Maltego Recorded Future Intelligence Summary]

    We’ve also added deep links into Recorded Future for documents – so you can slice and dice all of the events reported in the document, and access any cached content.

    Early Access is Available

    Are you already using our integration and want to be an early adopter of these improvements? If you’re not afraid of a few bugs and want to jump to the front of the feedback line, please email us at support [at] recordedfuture [dot] com.

    Learn More

    If early access is not for you, or if you’re not already using our Maltego integration, you can learn more by watching our recent webinar.
