{"id":6715,"date":"2024-01-17T06:25:47","date_gmt":"2024-01-17T06:25:47","guid":{"rendered":"\/cybersecurity-blog\/?p=6715"},"modified":"2024-01-17T06:25:53","modified_gmt":"2024-01-17T06:25:53","slug":"new-threat-details-window","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/new-threat-details-window\/","title":{"rendered":"Access Full Network Threat Details and Review Suricata Rules"},"content":{"rendered":"\n

From residential proxy<\/a> to FakeNet and MITM proxy<\/a>, ANY.RUN has consistently provided advanced network analysis tools since its launch. Our service empowers users to meticulously dissect malicious traffic and extract crucial information in seconds. Now, we’re elevating our capabilities by expanding the descriptions of threats detected by the sandbox and granting full access to triggered Suricata rules.<\/p>\n\n\n\n

Redesigned Threats section\u00a0<\/h2>\n\n\n
\n
\"\"
Click on the Threats tab to view all network threats detected by ANY.RUN<\/figcaption><\/figure><\/div>\n\n\n

To enhance transparency into malware’s network activity, we’ve revamped the Threats section in ANY.RUN<\/a>‘s interface.\u00a0\u00a0<\/p>\n\n\n\n

Simply click the Threats tab right below the VM screen to access a complete list of malicious activities identified by the sandbox using Suricata signatures. <\/p>\n\n\n\n

New Threat Details window<\/h2>\n\n\n
\n
\"\"
The Threat Details window will offer you more info on your objects of interest<\/figcaption><\/figure><\/div>\n\n\n

By selecting a specific threat, you’ll gain access to the Threat Details window, providing a comprehensive overview of the detected threat. This includes links to the original sources of threat intelligence, along with the source and destination IP addresses, ports, and the employed transport protocol. <\/p>\n\n\n\n

The “Stream data” tab within the Threat Details window offers insights into malicious packet content. The downloadable data is presented in both hexadecimal format and human-readable text, enabling thorough analysis. <\/p>\n\n\n\n

Viewable Suricata rules<\/h2>\n\n\n
\n
\"\"
Hunter and Enterprise subscribers can look inside Suricata rules<\/figcaption><\/figure><\/div>\n\n\n

Exclusively for Hunter and Enterprise plan subscribers, the Suricata rule tab grants access to the signature content used for identifying the threat. This empowers users to witness firsthand how the ET Open rulesets align with various network activities.<\/p>\n\n\n\n\n

\n\n

\nSuricata rules and other features of ANY.RUN<\/span> for free \n<\/p>\n\n\nRequest trial\n<\/a>\n<\/div>\n\n\n\n