{"id":15534,"date":"2025-08-20T12:46:32","date_gmt":"2025-08-20T12:46:32","guid":{"rendered":"\/cybersecurity-blog\/?p=15534"},"modified":"2025-08-22T13:36:29","modified_gmt":"2025-08-22T13:36:29","slug":"enrich-iocs-with-threat-intelligence","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/","title":{"rendered":"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0"},"content":{"rendered":"\n<p>One solution can change everything. ANY.RUN\u2019s <a href=\"https:\/\/intelligence.any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a> is living proof of that.&nbsp;<\/p>\n\n\n\n<p>By delivering a browsable source of threat data, it helps your SOC overcome challenges that have to be faced in order to reach higher detection rates and make smarter security decisions.&nbsp;<\/p>\n\n\n\n<p>Find details on how to make the most of TI Lookup below.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Threat Intelligence Lookup: Context for Fatigue-Free Investigations&nbsp;<\/h2>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"531\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-1024x531.png\" alt=\"\" class=\"wp-image-15575\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-1024x531.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-300x155.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-768x398.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-1536x796.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-2048x1061.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-370x192.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-270x140.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image1-2-740x383.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Main page of TI Lookup with statistics and MITRE ATT&amp;CK Matrix&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<p><a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN<\/a> develops essential solutions for SOCs, such as Threat Intelligence Lookup\u2014a searchable database of threat data. Its goal is to <a href=\"https:\/\/any.run\/cybersecurity-blog\/threat-intelligence-for-soc\/\" target=\"_blank\" rel=\"noreferrer noopener\">bridge the threat intelligence gap<\/a> for malware analysts by enriching indicators with actionable context.&nbsp;<\/p>\n\n\n\n<p>TI Lookup makes it possible by providing swift access to data collected from millions of malware\u00a0analyses done in ANY.RUN sandbox by experts who work for <a href=\"https:\/\/any.run\/cybersecurity-blog\/threat-intelligence-from-organizations\/\" target=\"_blank\" rel=\"noreferrer noopener\">15,000 companies<\/a> all over the world. This lets you add context to your indicators and tap into this fresh, actionable data on attacks that just happened. The best part is\u2014it&#8217;s available at no cost.\u00a0<\/p>\n\n\n\n<p>The free version of TI Lookup gives you access to 20 most recent sandbox analyses per query, unlocks key search fields (file hashes, URLs, domains, IPs,&nbsp;MITRE ATT&amp;CK techniques, Suricata IDs, etc.), and makes it possible to create compound searches.&nbsp;<\/p>\n\n\n\n<p>For free, you can achieve:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enriched Threat Investigations:&nbsp;<\/strong>Gain deeper insight into threats by connecting existing artifacts with real-world attacks.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Accelerated Response:<\/strong> Reduce MTTR by quickly understanding&nbsp;threat behavior, objectives, and targets through sandbox analysis.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Stronger Proactive Defense:&nbsp;<\/strong>Gather intelligence on emerging threats to act before they cause damage.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enhanced Team Expertise:<\/strong>&nbsp;Empower SOC analysts to study real-world attacks and adversary TTPs in live malware using the interactive MITRE ATT&amp;CK matrix.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Improved Detection Rules:&nbsp;<\/strong>Leverage intelligence from TI Lookup to refine SIEM, IDS\/IPS, and EDR rules for stronger proactive defense.&nbsp;<\/li>\n<\/ul>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\n<span class=\"highlight\">Investigate right away<\/span><br>for faster, data-fueled triage and response&nbsp;  \n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=enrich_iocs_with_context&#038;utm_term=200825&#038;utm_content=linktolookup\" target=\"_blank\" rel=\"noopener\">\nTry TI Lookup for free\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">Use Cases of TI Lookup\u2019s Free Version&nbsp;<\/h2>\n\n\n\n<p>Register in TI Lookup for free, and you\u2019ll be able to access actionable threat insights right away. Apply them in scenarios like these:&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Enriching Network Indicators with Context&nbsp;<\/h3>\n\n\n\n<p>A practical example: you need to verify a domain to see if it\u2019s tied to any malicious activities, and if yes, gain more info on it. &nbsp;<\/p>\n\n\n\n<p>Enter it into TI Lookup and you\u2019ll instantly see the result. The following domain, for instance, turned out to be malicious:&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup#{%22query%22:%22domainName:%5C%22technologyenterdo.shop%5C%22%22,%22dateRange%22:180}\" target=\"_blank\" rel=\"noreferrer noopener\">domainName: &#8220;technologyenterdo.shop&#8221;<\/a>&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"140\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-1024x140.png\" alt=\"\" class=\"wp-image-15576\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-1024x140.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-300x41.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-768x105.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-1536x210.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-2048x281.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-370x51.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-270x37.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image32-740x101.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>TI Lookup\u2019s conclusion on the query<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>With a free plan, you can access up to 20 recent analysis sessions that involve it to enrich the indicator with reliable context. In addition to domains, the same can be done for IPs and URLs, also for free.&nbsp;<\/p>\n\n\n\n<p>TI Lookup\u2019s Premium plan would allow you to see even more information. For example, the fact that domain above is labeled with a \u201cmalconf\u201d tag. This means that it was retrieved from the very heart of&nbsp;a malicious sample\u2014<a href=\"https:\/\/any.run\/cybersecurity-blog\/malconf-in-ti-lookup\/#quick-brief-on-ti-lookup-8417\" target=\"_blank\" rel=\"noreferrer noopener\">malware configuration<\/a>. Indicators from configs offer trustworthy, valuable insights into the malware\u2019s behavior and impact.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"133\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-1024x133.png\" alt=\"\" class=\"wp-image-15578\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-1024x133.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-300x39.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-768x100.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-1536x200.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-2048x267.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-370x48.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-270x35.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2432-740x96.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Premium plan gives you more details, such as info on domains&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Exploring New Threat Samples&nbsp;<\/h3>\n\n\n\n<p>Since around 73% of attacks start with phishing, SOC teams should stay on the lookout for fresh threat samples that can potentially harm your company. One thing you can do is to monitor current TTPs in TI Lookup.&nbsp;<\/p>\n\n\n\n<p>To narrow down your search, you can keep track of threats submitted by analysts from your country. For example, the following query will help you browse Tycoon threats detected in Germany:&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup#{%22query%22:%22threatName:%5C%22tycoon%5C%22%20AND%20submissionCountry:%5C%22de%5C%22%22,%22dateRange%22:180}\" target=\"_blank\" rel=\"noreferrer noopener\">threatName:&#8221;tycoon&#8221; AND submissionCountry:&#8221;de&#8221;<\/a>&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"586\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-1024x586.png\" alt=\"\" class=\"wp-image-15589\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-1024x586.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-300x172.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-768x440.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-1536x880.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-2048x1173.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-370x212.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-270x155.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image9-2-740x424.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Search results for Tycoon threats submitted in Germany&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>From there, you can collect indicators from search results and create or update your detection rules in order to stay ahead of potential threats.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"563\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-1024x563.jpeg\" alt=\"\" class=\"wp-image-15629\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-1024x563.jpeg 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-300x165.jpeg 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-768x423.jpeg 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-1536x845.jpeg 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-2048x1127.jpeg 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-370x204.jpeg 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-270x149.jpeg 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image12-740x407.jpeg 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>TI Lookup shares links to relevant ANY.RUN sandbox sessions like this one\u00a0<\/em><\/figcaption><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Checking File Hashes&nbsp;<\/h3>\n\n\n\n<p>Another essential use case of TI Lookup is performing a quick check for an indicator. Let\u2019s see if this hash is connected to any threats:&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup#{%22query%22:%22sha256:%5C%22a78cdb5cf41aa777d9fb082e094f7a8b9e73d0b31d8358db3a58a5ba8ae42ca5%5C%22%22,%22dateRange%22:180}\" target=\"_blank\" rel=\"noreferrer noopener\">sha256:&#8221;a78cdb5cf41aa777d9fb082e094f7a8b9e73d0b31d8358db3a58a5ba8ae42ca5&#8243;<\/a> &nbsp;<\/p>\n\n\n\n<p>The verdict: it\u2019s associated with Lumma. One simple query, and you\u2019ve received trustworthy result based on actual threat investigations by other analysts.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"329\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-1024x329.png\" alt=\"\" class=\"wp-image-15580\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-1024x329.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-300x96.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-768x247.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-1536x493.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-2048x658.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-370x119.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-270x87.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-5-740x238.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Results of looking up hash from query above&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Tracking Threats by TTPs&nbsp;<\/h3>\n\n\n\n<p>ANY.RUN also provides access to the interactive MITRE ATT&amp;CK matrix that shows you real-world examples of threats active today. With it, you can learn about different TTPs recently used by threat actors and see how they look in action via ANY.RUN\u2019s Interactive Sandbox.&nbsp;<\/p>\n\n\n\n<p>For that, go to <a href=\"https:\/\/intelligence.any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup\" target=\"_blank\" rel=\"noreferrer noopener\">TI Lookup<\/a> and click any TTP to dig deeper. For example, here are some of the results for<strong> T1068: <\/strong>Exploitation for Privilege Escalation:&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"517\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-1024x517.png\" alt=\"\" class=\"wp-image-15581\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-1024x517.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-300x151.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-768x387.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-1536x775.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-2048x1033.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-370x187.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-270x136.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image5-4-740x373.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Access further info on Tactics, Techniques, and Procedures&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>You see the description for this TTP and links to malicious samples that involve it. Click any analysis session to see the full detonation and retrieve indicators.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Transforming Your SOC for Proactive Security&nbsp;<\/h2>\n\n\n\n<p>TI Lookup\u2019s free version gives you more than just a glimpse into threat intelligence. As we\u2019ve shown above, it can be a powerful solution to a number of SOC challenges.&nbsp;<\/p>\n\n\n\n<p>The Premium plan, however, gives you even more. It\u2019s an enterprise-grade product, helping businesses across infrastructures:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Speed Up and Automate Detection:<\/strong>\u00a0Correlate alerts against a vast database of<a href=\"https:\/\/any.run\/cybersecurity-blog\/iocs-iobs-ioas-explained\/\" target=\"_blank\" rel=\"noreferrer noopener\"> IOCs, IOBs, and IOAs<\/a>, and integrate TI Lookup with your SIEM, TIP, or SOAR systems for real-time monitoring.<\/li>\n\n\n\n<li><strong>Hunt and Investigate with Depth and Precision:<\/strong>\u00a0Create and search custom YARA rules in ANY.RUN\u2019s database and refine investigations with <a href=\"https:\/\/any.run\/cybersecurity-blog\/ti-lookup-search-parameters\/\" target=\"_blank\" rel=\"noreferrer noopener\">40+ parameters<\/a> and <a href=\"https:\/\/any.run\/cybersecurity-blog\/search-operators-and-wildcards-in-ti-lookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">advanced operators<\/a>.\u00a0<\/li>\n\n\n\n<li><strong>Stay Proactive and Informed:<\/strong>&nbsp;Set automated alerts for specific IOCs or patterns, and leverage TI Reports from expert analysts to track evolving malware trends across industries.&nbsp;<\/li>\n<\/ul>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nEnrich indicators with actionable data<br>on threats targeting <span class=\"highlight\">15K companies<\/span>\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/intelligence.any.run\/plans\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=enrich_iocs_with_context&#038;utm_term=200825&#038;utm_content=linktolookup\" target=\"_blank\" rel=\"noopener\">\nTry TI Lookup Premium\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<p>Among Premium features are <a href=\"https:\/\/any.run\/cybersecurity-blog\/ti-lookup-notifications\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Query Updates<\/strong><\/a>. They automate the process of indicator enrichment by keeping you subscribed to threats and indicators of interest. Enter any query, such as:&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup#{%22query%22:%22threatName:%5C%22remcos%5C%22%20AND%20domainName:%5C%22%5C%22%22,%22dateRange%22:180}\" target=\"_blank\" rel=\"noreferrer noopener\">threatName:&#8221;remcos&#8221; AND domainName:&#8221;&#8221;<\/a>&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"545\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-1024x545.png\" alt=\"\" class=\"wp-image-15582\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-1024x545.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-300x160.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-768x408.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-1536x817.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-2048x1089.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-370x197.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-270x144.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image4-3-740x394.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Results of the query in TI Lookup Premium&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>Click the bell icon, and you\u2019ll start receiving fresh data on new samples that fit your query. As you can see, there are plenty:&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"535\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-1024x535.png\" alt=\"\" class=\"wp-image-15583\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-1024x535.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-300x157.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-768x401.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-1536x802.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-2048x1070.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-370x193.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-270x141.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image2-4-740x386.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Subscribe to the query using the button in the top right corner to stay ahead&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>Another way to deepen your investigation is to browse Indicators of Behavior (IOBs). This allows you to research attacks using minor artefacts like a suspicious fragment of a command line. Type it in like so:&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolookup#%7B%2522query%2522:%2522commandLine:%255C%2522$codigo%255C%2522%2522,%2522dateRange%2522:180%7D\" target=\"_blank\" rel=\"noreferrer noopener\">commandLine:\u201d$codigo\u201d<\/a>&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<p>As a result, you\u2019ll find out that this command line is actually related to AsyncRAT\u2019s&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/five-common-malware-evasion-techniques\/\" target=\"_blank\" rel=\"noreferrer noopener\">steganography<\/a>&nbsp;attacks<strong>:<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"540\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-1024x540.png\" alt=\"\" class=\"wp-image-15556\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-1024x540.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-300x158.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-768x405.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-1536x809.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-370x195.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-270x142.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1-740x390.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/08\/image7-2048x1079-1.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>TI Lookup returns over 400 analyses of malicious samples associated with this command line&nbsp;&nbsp;<\/em><\/figcaption><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">About ANY.RUN&nbsp;<\/h2>\n\n\n\n<p>Trusted by more than&nbsp;500,000 security professionals&nbsp;and&nbsp;15,000+ organizations&nbsp;across industries like finance, healthcare, and manufacturing,&nbsp;<a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN<\/a>&nbsp;empowers teams to investigate malware and phishing threats with speed and accuracy.&nbsp;<\/p>\n\n\n\n<p>With <a href=\"https:\/\/any.run\/features\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN\u2019s&nbsp;Interactive Sandbox<\/a>, you can safely analyze suspicious files and URLs, observe live behavior, and extract key insights to dramatically reduce triage and decision-making time.&nbsp;<\/p>\n\n\n\n<p>Tap into&nbsp;<a href=\"https:\/\/any.run\/threat-intelligence-lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a>&nbsp;and&nbsp;<a href=\"https:\/\/any.run\/threat-intelligence-feeds\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">TI Feeds<\/a>&nbsp;to uncover IOCs, attacker tactics, and behavioral patterns linked to real-world threats for staying one step ahead of evolving attacks.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/any.run\/demo\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=enrich_iocs_with_context&amp;utm_term=200825&amp;utm_content=linktodemo\" target=\"_blank\" rel=\"noreferrer noopener\">Experience ANY.RUN\u2019s solutions firsthand to enhance your SOC workflow via a trial period<\/a>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One solution can change everything. ANY.RUN\u2019s Threat Intelligence Lookup is living proof of that.&nbsp; By delivering a browsable source of threat data, it helps your SOC overcome challenges that have to be faced in order to reach higher detection rates and make smarter security decisions.&nbsp; Find details on how to make the most of TI [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":15559,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[57,10,78],"class_list":["post-15534","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-lifehacks","tag-anyrun","tag-cybersecurity","tag-threat-intelligence"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0 - ANY.RUN&#039;s Cybersecurity Blog<\/title>\n<meta name=\"description\" content=\"See how free version of ANY.RUN\u2019s Threat Intelligence Lookup helps enrich IOCs with context from live attack data.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0\",\"datePublished\":\"2025-08-20T12:46:32+00:00\",\"dateModified\":\"2025-08-22T13:36:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/\"},\"wordCount\":1339,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"ANYRUN\",\"cybersecurity\",\"threat intelligence\"],\"articleSection\":[\"Cybersecurity Lifehacks\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/\",\"name\":\"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0 - ANY.RUN&#039;s Cybersecurity Blog\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2025-08-20T12:46:32+00:00\",\"dateModified\":\"2025-08-22T13:36:29+00:00\",\"description\":\"See how free version of ANY.RUN\u2019s Threat Intelligence Lookup helps enrich IOCs with context from live attack data.\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity Lifehacks\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/lifehacks\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0 - ANY.RUN&#039;s Cybersecurity Blog","description":"See how free version of ANY.RUN\u2019s Threat Intelligence Lookup helps enrich IOCs with context from live attack data.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0","datePublished":"2025-08-20T12:46:32+00:00","dateModified":"2025-08-22T13:36:29+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/"},"wordCount":1339,"commentCount":0,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["ANYRUN","cybersecurity","threat intelligence"],"articleSection":["Cybersecurity Lifehacks"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/","url":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/","name":"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0 - ANY.RUN&#039;s Cybersecurity Blog","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2025-08-20T12:46:32+00:00","dateModified":"2025-08-22T13:36:29+00:00","description":"See how free version of ANY.RUN\u2019s Threat Intelligence Lookup helps enrich IOCs with context from live attack data.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/enrich-iocs-with-threat-intelligence\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity Lifehacks","item":"https:\/\/any.run\/cybersecurity-blog\/category\/lifehacks\/"},{"@type":"ListItem","position":3,"name":"How to Enrich IOCs with Actionable Threat Context: Tips for SOC Analysts\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/15534"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=15534"}],"version-history":[{"count":15,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/15534\/revisions"}],"predecessor-version":[{"id":15632,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/15534\/revisions\/15632"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/15559"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=15534"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=15534"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=15534"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}