Comparison of Kaspersky Threat Intelligence Portal versions
The table below shows the difference between features available for General and Premium Access to Kaspersky Threat Intelligence Portal.
Available features for General and Premium Access to Kaspersky Threat Intelligence Portal
Feature |
General Access |
Premium Access |
|---|---|---|
Home page |
||
Worldwide cyber-map |
|
|
TOPs of threats worldwide and for individual countries |
|
|
Threat dynamics worldwide and for individual countries |
|
|
Event list displaying recent events |
|
|
APT Intelligence and Crimeware Threat Intelligence Reporting |
||
Access to service using web interface |
|
|
Access to service using RESTful API |
|
|
Email notifications for new or updated reports |
|
|
APT Intelligence reports |
|
|
APT C&C Tracking |
|
|
Crimeware Threat Intelligence reports |
|
|
Actor profiles |
|
|
IoC downloads |
|
|
Industrial Reporting |
||
Industrial reports |
|
|
Threat Lookup: Hash investigation |
||
Access to service using web interface |
|
|
Access to service using RESTful API |
(for registered users, API token required) |
|
Export results to JSON / STIX / CSV formats |
|
|
Hash report contents: |
|
|
General information |
|
|
Detection names |
|
|
File signatures and certificates |
|
|
Container signatures and certificates |
|
|
File paths |
|
|
File names |
|
|
File downloaded from web addresses and domains |
|
|
File accessed following web addresses |
|
|
File started following objects |
|
|
File was started by following objects |
|
|
File downloaded following objects |
|
|
File was downloaded by following objects |
|
|
Threat Lookup: IP address investigation |
||
Access to service using web interface |
|
|
Access to service using RESTful API |
(for registered users, API token required) |
|
Export results to JSON / STIX / CSV formats |
|
|
IP address report contents: |
|
|
General information |
|
|
IP WHOIS |
|
|
Threat score |
|
|
DNS resolutions for IP address |
|
|
Files related to IP address |
|
|
Hosted web addresses |
|
|
Threat Lookup: Web address investigation |
||
Access to service using web interface |
|
|
Access to service using RESTful API |
(for registered users, API token required) |
|
Export results to JSON / STIX / CSV formats |
|
|
Web address report contents: |
|
|
General information |
|
|
Domain/IP WHOIS |
|
|
DNS resolutions for domain |
|
|
Files downloaded from requested web address |
|
|
Files accessed requested web address |
|
|
Referrals to requested web address |
|
|
Requested object linked, forwarded, or redirected to following web addresses |
|
|
Masks (record ID in Data Feeds) |
|
|
Threat Lookup: Domain investigation |
||
Access to service using web interface |
|
|
Access to service using RESTful API |
(for registered users, API token required) |
|
Export results to JSON / STIX / CSV formats |
|
|
Domain report contents: |
|
|
General information |
|
|
Domain WHOIS |
|
|
DNS resolutions for domain |
|
|
Files downloaded from requested domain |
|
|
Files accessed requested domain |
|
|
Subdomains |
|
|
Referrals to domain |
|
|
Domain referred to following web addresses |
|
|
Web address masks |
|
|
WHOIS Lookup |
|
|
WHOIS Hunting |
|
|
Cloud Sandbox: Upload and execute file |
||
Custom file execution parameters |
|
|
Access to service using web interface |
|
|
Access to service using RESTful API |
(for registered users, API token required) |
|
Export results to JSON / STIX / CSV formats |
|
|
File analysis report contents: |
|
|
General information |
|
|
Detection names (including Sandbox detects and Triggered Network Rules) |
|
|
Execution map |
(limited) |
|
Suspicious activities |
(limited) |
|
Screenshots |
(limited) |
|
Loaded PE images |
(limited) |
|
File operations |
(limited) |
|
Registry operations |
(limited) |
|
Process operations |
(limited) |
|
Synchronize operations |
(limited) |
|
Downloaded files |
(limited) |
|
Dropped files |
(limited) |
|
HTTP(S) requests |
(limited) |
|
DNS requests |
(limited) |
|
Cloud Sandbox: Download and execute file |
||
File download from a web resource |
|
|
Custom file execution parameters |
|
|
Access to service using web interface |
|
|
Access to service using RESTful API |
|
|
Export results to JSON / STIX / CSV formats |
|
|
File analysis report contents: |
|
|
File download information |
|
|
Download request |
|
|
Download responses |
|
|
General information |
|
|
Detection names (including Sandbox detects and Triggered Network Rules) |
|
|
Execution map |
|
|
Suspicious activities |
|
|
Screenshots |
|
|
Loaded PE images |
|
|
File operations |
|
|
Registry operations |
|
|
Process operations |
|
|
Synchronize operations |
|
|
Downloaded files |
|
|
Dropped files |
|
|
HTTP(S) requests |
|
|
DNS requests |
|
|
Cloud Sandbox: Browse web address |
||
Custom web address browsing parameters |
|
|
Access to service using web interface |
|
|
Access to service using RESTful API |
(for registered users, API token required) |
|
Export results to JSON / STIX / CSV formats |
|
|
Web address analysis report contents: |
|
|
General information |
|
|
Detection names (including Sandbox detects and Triggered Network Rules) |
|
|
Connected hosts |
(limited) |
|
WHOIS |
(limited) |
|
HTTP(S) requests |
(limited) |
|
DNS requests |
(limited) |
|
Screenshots |
(limited) |
|
Digital Footprint Intelligence |
||
Digital Footprint Intelligence reports |
|
|
Digital Footprint Intelligence notifications |
|
|
Threat notifications |
|
|
Export threat notifications |
|
|
Viewing and changing organization's information |
|
|
Data Feeds |
||
Threat Intelligence Data Feeds |
|
|
Incident Response Tools |
|
|
Threat Data Feeds Supplementary Tools |
|
|
SIEM Connectors |
|
|
Related Materials |
|
|
User account management |
||
View all group accounts |
|
|
Manage group accounts (create, edit, delete) |
|
|
Configure email notifications |
|
|
.png)