Overview
Intezer is a platform built to analyze and investigate every alert like an experienced security analyst and reverse engineer.
Prerequisites
- Logsign 6.3.+ versions support this integration.
Configure On Intezer
Forwarding settings are completed as follows:
- Log in to your Intezer portal.
- Access the API by authenticating your account with an API key. To generate the key, click “Generate API Key” under your profile icon.
- Copy the API Key value.
Configure On Logsign
Forwarding settings are completed as follows:
- Click Settings > Integrations > Responses.
- In the ‘Search’ field, type Intezer.
- Click ‘Configure’ and then click ‘+Device’.
- Define the settings as follows:
  - Device Name: Define the device name.
  - Api Key: Specify the API key copied from the Intezer portal.
- Click Create to save the changes.
Methods
ANALYZE
- Device: Select the device configuration you created.
- File Path: Define the path of the suspicious file to submit for malware analysis.
GET-ANALYSES
- Device: Select the device configuration you created.
- Analysis Id: Define the analysis ID. This method retrieves a summary of the analysis of a file that was previously submitted to Intezer Analyze.
GET-SUB-ANALYSES
- Device: Select the device configuration you created.
- Analysis Id: Define the analysis ID. This method retrieves the list of sub-analysis IDs associated with that analysis ID, including the root file sub-analysis IDs.
GET-CODE-REUSE
- Device: Select the device configuration you created.
- Analysis Id: Define the analysis ID.
- Sub Analysis Id: Define the sub-analysis ID.
FIND-RELATED-FILES
- Device: Select the device configuration you created.
- Analysis Id: Define the analysis ID.
- Sub Analysis Id: Define the sub-analysis ID.
- Family Id: Define the family ID.
GET-ANALYSES-BY-HASH
- Device: Select the device configuration you created.
- Hash: Define the hash.
Note: For detailed information about the methods, see the Intezer Analyze API documentation.