ANY.RUN Threat Intelligence Reviews & Product Details

Threat intelligence solutions by ANY.RUN feature: Threat Intelligence Lookup (TI Lookup), a solution for contextual browsing of threat intelligence. It provides access to a vast, continuously updated collection of Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and behavior indicators (IOBs) derived from ANY.RUN’s Interactive Sandbox analyses. With over 40 search parameters, operators, and wildcards, it allows users to perform targeted lookups of threat intel gathered from investigations done by a global network of over 500,000 users and 15,000 organizations. Accompanied by YARA Search, it helps enrich indicators, improve detection rules, and as a result—speed up triage, threat hunting, and incident response. Threat Intelligence Feeds (TI Feeds) offers a continuously updated database of IOCs, including malicious IPs, domains, URLs, file hashes enriched with contextual threat data. Designed for seamless integration with your security stack (e.g., SIEM, XDR, TIP systems by various vendors), TI Feeds enable SOC, MSSP, and DFIR teams to accelerate threat hunting, improve alert triage, and proactively defend against emerging attacks.