We are happy to announce that another system developed by our team, n6 (Network Security Incident eXchange), has been released to the community on an open source licence.
- infections (bots),
- phishing,
- C&C servers,
- URLs used to distribute malware,
- attacks on network services,
- and many others.
n6 is our in-house developed platform for automated gathering, processing and distribution of information on security threats. It acts as a data processing hub to effectively share relevant information with the network owners, administrators and operators. Data shared using the platform include:
The system supports a wide variety of data sources, which include CSIRTs, security vendors, non-profit organisations, independent researchers and internal monitoring systems. We use it to process millions of security events per day and to deliver them to the affected organizations.
The system has been under active development for several years and we have decided to share it with the CSIRT community and any other parties that need to process significant amount of IoCs and abuse reports.
You can find the source code on GitHub: https://github.com/CERT-Polska/n6
If you are a national CSIRT interested in getting access to the data on your country, contact us via [email protected].
Recent development of n6 has been supported by the CEF program, action no. 2016-PL-IA-0127.
