Hi, from time to time we get some alarms with “you have pwaned” credetials. So the InsightIDR plattform gets information from this external plattform and i guess from several different plattforms like “virus total”. Is there a documentation of all used sources for these informations? I would like to understand which information comes from which platform, so that i can consolidate these sources.
thanks in advance, Maurice
This may be referring to the “Have I been pwned?” Web site run by Troy Hunt. You can read about it in this Wikipedia article and on the site itself. It’s a well-known and trusted tool by a reputable security researcher.
Thanks DanM,
yes, i know this site. That’s not my problem. I have to know which external sites are used by rapid7 to enrich the own data. There are a lot of it security sites out there with an API to use and rapid7 uses some of these for additional analysis. If i remember right there was some documentation on “Virus Total” used with one of the Insight product world but i guess there are some more?!
Have fun and thanks,
Maurice