User:KriDontje/sandbox

Talos Intelligence (Cisco Talos Intelligence Group) is a part of Cisco Systems. Talos is a cyber threat intelligence company which provides security by evaluating telemetry, email reporting, and malicious traffic samples to create filters and blacklists to protect networks. The Talos headquarters are in Fulton, MD.

Background
Talos was formed after Cisco acquired IronPort in 2007 and Sourcefire in 2013. Researchers from Sourcefire's Vulnerability Research Team (VRT), IronPort, and members of Cisco Threat Research and Communications (TAC) combined to form Talos Intelligence, now part of the Cisco Security business unit. The name was inspired by the Greek mythological figure Talos, "the Greek automaton whose sole purpose was protecting the shores of Crete from invaders and pirates."

Tools
Talos now maintains rule sets for open-source projects Snort, ClamAV, and SpamCop, and has released several tools for free use by the security community:

Snort
Snort is an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) which monitors traffic flowing into a network at the packet level. Talos researchers and community contributors create Snort rules with the smallest common denominator of malicious traffic. Snort uses these rules to detect a matching packet and flag it for review, and/or drop it from the traffic before it enters the network.

ClamAV
ClamAV is antivirus software used to scan data in files for viruses, trojans, malware, and other threatening content. It is open source.

PhishTank
PhishTank, an anti-phishing site launched in 2006, allows users to report and catalogue phishing attempts.

PE-Sig
PE-Sig is a free downloadable Ruby tool for identifying signatures in known malicious executable files. PE-Sig is hosted on Talosintelligence.com.

Synful Knock Scanner
Synful Knock Scanner is a downloadable Python script used for scanning a network for routers compromised by the SYNful Knock malware.

MBR Filter
MBR Filter can be used to block write access to the Master Boot Record (MBR), which is used to store partitioning information and filesystem configuration data for a device.

Research
Talos researchers have revealed important information on some of the largest threats to the cyber community, such as:


 * CCleaner, 2018, which affected 2.27 million computers
 * VPNFilter, 2018, which affected 500,000 consumer routers
 * WannaCry, 2017, which infected over 200,000 machines and used hard-drive encryption to gain $140,000 from 338 victims
 * Nyetya
 * Olympic Destroyer, 2018, which targeted the Pyeongchang Olympics opening ceremonies

Services
The Talos Intelligence website contains free, self-serve live-data resources on software vulnerabilities, such as zero-day reports for new software or patches.

Talos also manages a website reputation center, which presents historical reputation data on websites and gives them safety-indicator categories. Network policies may block websites with less trustworthy categorization. Website owners can petition Talos to alter their website's ratings if they believe the categorization is in error.

