Cisco Threat Grid
Modified on: Wed, 7 Sep, 2022 at 7:03 PM
Overview
Threat Grid is Cisco’s premier malware analysis and threat
intelligence solution that helps accurately identify and respond to
potential malware attacks in near real time. Threat Grid performs
dynamic analysis of hundreds of millions of samples per year, indexing
the indicators (Domain, IP, URL, Hash, Mutex, File Path, etc) from each
analysis.
These Transforms leverage the Threat Grid REST APIs to enable
investigators to quickly fetch information and map out the relationships
between samples and indicators, discover new infrastructure used in a
campaign, pivot from network indicators to host indicators during an
incident to help remediate faster, and more.
To read more click here.
Sample ID to ImportHash
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to ImportHash |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoImportHash |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to User Agent
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to User Agent |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoUserAgent |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Tag to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Tag to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
TagtoSampleID |
| Input Entities |
tg.Tag |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Threat Score
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Threat Score |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoThreatScore |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - DNS Name to
Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - DNS Name to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
DNSNametoSampleID |
| Input Entities |
maltego.DNSName |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Behavioral
Indicators
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Behavioral Indicators |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoBehavior |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Filename
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Filename |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleDtoFilename |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Path to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Path to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
PathtoSampleID |
| Input Entities |
tg.Path |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to SHA256
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to SHA256 |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoSHA256 |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Mutex
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Mutex |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoMutex |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to URLs
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to URLs |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoURLs |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - Phrase to
Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - Phrase to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
PhrasetoSampleID |
| Input Entities |
maltego.Phrase |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - Hash to Sample
ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - Hash to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
HashtoSampleID |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - Domain to
Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - Domain to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
DomaintoSampleID |
| Input Entities |
maltego.Domain |
| Output Entities |
Phrase |
| Short Description |
|
Process to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Process to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
ProcesstoSampleID |
| Input Entities |
tg.Process |
| Output Entities |
Phrase |
| Short Description |
|
Behavior to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Behavior to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
BehaviortoSampleID |
| Input Entities |
tg.Behavior |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - IP to Sample
ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - IP to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
IPtoSampleID |
| Input Entities |
maltego.IPv4Address |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to SHA1
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to SHA1 |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoSHA1 |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Filename to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Filename to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
FilenametoSampleID |
| Input Entities |
tg.Filename |
| Output Entities |
Phrase |
| Short Description |
|
Import Hash to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Import Hash to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
ImpHashtoSampleID |
| Input Entities |
tg.ImportHash |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - IP to Domains
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - IP to Domains |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
IPtoDomains |
| Input Entities |
maltego.IPv4Address |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Service Name
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Service Name |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoServiceName |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Mutex to Sample ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Mutex to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
MutextoSampleID |
| Input Entities |
tg.Mutex |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to IPs Public
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to IPs Public |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoIPsPublic |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Domains
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Domains |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoDomains |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Process
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Process |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoProcess |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - Domain to IPs
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - Domain to IPs |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
DomaintoIPs |
| Input Entities |
maltego.Domain |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Artifacts
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Artifacts |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoArtifacts |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Tags |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoTags |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to Artifact Paths
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to Artifact Paths |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoArtifactPaths |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Threat Grid - URL to Sample
ID
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Threat Grid - URL to Sample ID |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
Threat Grid |
| Transform Name |
URLtoSampleID |
| Input Entities |
maltego.URL |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to MD5
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to MD5 |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoMD5 |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|
Sample ID to IPs
| Threat Grid API Key |
string |
1234567890 |
false |
true |
false |
| Display Name |
Sample ID to IPs |
| Owner |
iTDS |
| Author |
iTDS@Paterva.com |
| Data Source |
|
| Transform Name |
SampleIDtoIPs |
| Input Entities |
tg.SampleID |
| Output Entities |
Phrase |
| Short Description |
|