{"id":6928,"date":"2024-02-07T09:39:54","date_gmt":"2024-02-07T09:39:54","guid":{"rendered":"\/cybersecurity-blog\/?p=6928"},"modified":"2024-07-15T11:25:16","modified_gmt":"2024-07-15T11:25:16","slug":"introducing-any-run-threat-intelligence-lookup","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/","title":{"rendered":"Introducing ANY.RUN Threat Intelligence Lookup\u00a0"},"content":{"rendered":"\n<p>For 7 years, <a href=\"https:\/\/any.run\/?utm_source=blog&amp;utm_medium=article&amp;utm_campaign=introducinglookup&amp;utm_content=linktolanding&amp;utm_term=070224\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN<\/a> has been aiding cybersecurity experts in malware analysis through our interactive cloud sandbox. Our goal is to help enterprises, independent experts, and SMEs in understanding and defending against both persistent and emerging threats.&nbsp;<\/p>\n\n\n\n<p>Today, we&#8217;re taking a big step forward in our effort to help businesses strengthen security with the introduction of <a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=blog&amp;utm_medium=article&amp;utm_campaign=introducinglookup&amp;utm_content=linktolookup&amp;utm_term=070224\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a> \u2014 a streamlined platform that makes it easier to find relevant threat data from ANY.RUN sandbox tasks.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"566\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-1024x566.png\" alt=\"\" class=\"wp-image-6930\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-1024x566.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-300x166.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-768x424.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-1536x849.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-370x204.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-270x149.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3-740x409.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-3.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Homepage of ANY.RUN Threat Intelligence Lookup&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">What is Threat Intelligence Lookup?&nbsp;<\/h2>\n\n\n\n<p><strong><a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=blog&amp;utm_medium=article&amp;utm_campaign=introducinglookup&amp;utm_content=linktolookup&amp;utm_term=070224\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a> centralized repository of millions of IOCs extracted from ANY.RUN&#8217;s extensive database of interactive malware analysis sessions<\/strong> (sandbox tasks). It turns isolated data into a holistic view of persistent and emerging threats.&nbsp;&nbsp;<\/p>\n\n\n\n<p>By analyzing processes, modules, files, network traffic, and registry activities, you get detailed context and can fully understand an attack&#8217;s nature, scope, and impact.&nbsp;<\/p>\n\n\n\n<p><strong>Threat Intelligence Lookup is available through an intuitive web-interface as well as an API<\/strong> for integration with your existing security solutions.<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nBolster your security<br>\nTry ANY.RUN\u2019s <span class=\"highlight\">Threat Intelligence Lookup<\/span> platform&nbsp;\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/intelligence.any.run\/plans\/\" rel=\"noopener\" target=\"_blank\">\nContact sales\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<p>In ANY.RUN\u2019s Threat Intelligence Lookup you can find linked threat data both through our Intuitive interface or via API access for integrations with security solutions. Regardless of your preferred interface, you will take advantage of:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>1000 fresh entries per day&nbsp;&nbsp;&nbsp;<\/li>\n\n\n\n<li>2-second request response time&nbsp;&nbsp;&nbsp;<\/li>\n\n\n\n<li>30+ search parameters&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"566\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-1024x566.png\" alt=\"\" class=\"wp-image-6929\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-1024x566.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-300x166.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-768x424.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-1536x849.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-370x204.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-270x149.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2-740x409.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/image-2.png 1600w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">You can search for linked IOCs using 30+ search fields&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">What are the benefits of ANY.RUN TI Lookup?<\/h2>\n\n\n\n<p>ANY.RUN <a href=\"https:\/\/any.run\/threat-intelligence-lookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a> can help you <strong>meet compliance requirements<\/strong> by improving your cyberattack response capabilities. It also <strong>increases security ROI<\/strong> by reducing the time and effort needed to investigate and respond to threats.&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>For security teams<\/strong>, using ANY.RUN TI Lookup means faster research, accurately and swiftly connecting isolated IOCs to specific threats or known malware campaigns, staying updated with emerging malware trends, and workflow flexibility \u2014 analysts can run searches using a web UI or our API.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>For organizations<\/strong>, ANY.RUN TI Lookup reduces risk by identifying threats as soon as they appear and proactively addressing them to prevent damage. TI Lookup also enables effective employee training\u2014access to a comprehensive knowledge base with detailed insights into malware behavior helps to onboard new hires and junior researchers, growing their skills.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">A powerful search engine for contextual IOCs<\/h2>\n\n\n\n<p>You can investigate processes, modules, files, network, and registry activity logged by ANY.RUN sandbox using a variety of search parameters:&nbsp;&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Single IOC<\/strong>: Look for specific IOCs, including URLs, MD5, SHA1, SHA256 hashes, IP addresses, or domain names.&nbsp;<\/li>\n\n\n\n<li><strong>Logged event fields<\/strong>: Focus on key fields in logged events. Look for things like command lines, registry paths and values, and names of processes and modules.&nbsp;<\/li>\n\n\n\n<li><strong>Detection details<\/strong>: Use MITRE techniques and detection names. Pay attention to Suricata class, message, and ID.&nbsp;<\/li>\n\n\n\n<li><strong>Combined search<\/strong>: Search for occurrences of IOCs or event fields together in the same analysis session. This method helps understand the malware&#8217;s lifecycle and behavior at different infection stages.&nbsp;<\/li>\n\n\n\n<li><strong>Wildcard queries<\/strong>: Use wildcard characters like asterisk (*), caret (^), and dollar sign ($) to expand or narrow your search. This is especially useful when you have limited or partial threat information.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Overall, ANY.RUN Threat Intelligence Lookup has 30+ search fields:<\/p>\n\n\n\n<div class=\"wpdt-c row wpDataTableContainerSimpleTable wpDataTables wpDataTablesWrapper\n\"\n    >\n        <table id=\"wpdtSimpleTable-75\"\n           style=\"border-collapse:collapse;\n                   border-spacing:0px;\"\n           class=\"wpdtSimpleTable wpDataTable\"\n           data-column=\"4\"\n           data-rows=\"6\"\n           data-wpID=\"75\"\n           data-responsive=\"0\"\n           data-has-header=\"0\">\n\n                    <tbody>        <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"A1\"\n                    data-col-index=\"0\"\n                    data-row-index=\"0\"\n                    style=\" width:25%;                    padding:10px;\n                    \"\n                    >\n                                        File Hash\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"B1\"\n                    data-col-index=\"1\"\n                    data-row-index=\"0\"\n                    style=\" width:25%;                    padding:10px;\n                    \"\n                    >\n                                        Task Type\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"C1\"\n                    data-col-index=\"2\"\n                    data-row-index=\"0\"\n                    style=\" width:25%;                    padding:10px;\n                    \"\n                    >\n                                        OS\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"D1\"\n                    data-col-index=\"3\"\n                    data-row-index=\"0\"\n                    style=\" width:25%;                    padding:10px;\n                    \"\n                    >\n                                        Registry Key\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"A2\"\n                    data-col-index=\"0\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Threat Name\u00a0\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"B2\"\n                    data-col-index=\"1\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Image Path\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"C2\"\n                    data-col-index=\"2\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Destination IP\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"D2\"\n                    data-col-index=\"3\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Destination IP Geo\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"A3\"\n                    data-col-index=\"0\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Rule Threat Level\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"B3\"\n                    data-col-index=\"1\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Submission Country\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"C3\"\n                    data-col-index=\"2\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        HTTP Response Content\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"D3\"\n                    data-col-index=\"3\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Registry Name\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"A4\"\n                    data-col-index=\"0\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Rule Name\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"B4\"\n                    data-col-index=\"1\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Command Line\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"C4\"\n                    data-col-index=\"2\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Destination Port\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"D4\"\n                    data-col-index=\"3\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        File Name\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"A5\"\n                    data-col-index=\"0\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Threat Level\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"B5\"\n                    data-col-index=\"1\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Date\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"C5\"\n                    data-col-index=\"2\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        URL\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"D5\"\n                    data-col-index=\"3\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Suricata Class\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"A6\"\n                    data-col-index=\"0\"\n                    data-row-index=\"5\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        MITRE\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"B6\"\n                    data-col-index=\"1\"\n                    data-row-index=\"5\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Injected Flag\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"C6\"\n                    data-col-index=\"2\"\n                    data-row-index=\"5\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Domain Name\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-align-center\"\n                                            data-cell-id=\"D6\"\n                    data-col-index=\"3\"\n                    data-row-index=\"5\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Registry Value\u00a0                    <\/td>\n                                        <\/tr>\n                    <\/table>\n<\/div><style id='wpdt-custom-style-75'>\ntable#wpdtSimpleTable-75{ table-layout: fixed !important; }\ntable#wpdtSimpleTable-75 td, table.wpdtSimpleTable75 th { white-space: normal !important; }\n<\/style>\n\n\n\n\n<h2 class=\"wp-block-heading\">What is the source of our Threat Intelligence data?&nbsp;<\/h2>\n\n\n\n<p>Our Threat Intelligence data is sourced from around 14,000 daily tasks that our community of over 300,000 researchers run in <a href=\"http:\/\/any.run\/?utm_source=blog&amp;utm_medium=article&amp;utm_campaign=introducinglookup&amp;utm_content=linktolanding&amp;utm_term=070224\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN<\/a> malware sandbox.<\/p>\n\n\n\n<p>The ANY.RUN sandbox is fully interactive. This means that it allows security teams to analyze malware in a cloud environment that is similar to a local computer setup. They can engage with malware directly (unlock password-protected archives, click through installers, and trigger downloads of secondary payloads) and identify samples that evade automated detection systems.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"563\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-1024x563.png\" alt=\"\" class=\"wp-image-6939\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-1024x563.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-300x165.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-768x422.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-1536x845.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-2048x1126.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-370x203.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-270x148.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/1-1-740x407.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">ANY.RUN IT Lookup gives access to the latest IOCs from millions of sandbox tasks&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>Our sandbox enables analysts to examine malware for up to 20 minutes, handle files as large as 100MB, and configure environment settings: including custom VPN, MITM Proxy, and FakeNet \u2014 both for Windows and Linux operating systems. It provides real-time data to IOCs which makes our sandbox a go-to-tool among thousands of malware analysts \u2014 and every task they launch contributes to our Threat Intelligence Database.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"564\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-1024x564.png\" alt=\"\" class=\"wp-image-6940\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-1024x564.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-300x165.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-768x423.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-1536x846.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-2048x1128.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-370x204.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-270x149.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/02\/2-1-740x408.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">In TI Lookup you can directly access sandbox tasks where an IOC was recorded<\/figcaption><\/figure><\/div>\n\n\n<p>Because the ANY.RUN sandbox is closely integrated with the ANY.RUN Threat Intelligence Lookup, after identifying an indicator, you can directly access a recorded sandbox session where it was detected \u2014 <strong>this is crucial because you can get insights into malware behavior in real-life attack situations.<\/strong><\/p>\n\n\n\n<p><strong>Let us show you how Threat Intelligence Lookup can help your SOC team &#8211; book a call with us<\/strong> \u2b07\ufe0f<\/p>\n\n\n\n<!-- Calendly inline widget begin -->\n<div class=\"calendly-inline-widget\" data-url=\"https:\/\/calendly.com\/d\/3nd-rzd-xvx\/any-run-demo-blog?hide_event_type_details=1&#038;hide_gdpr_banner=1&#038;primary_color=00b0e8\" style=\"min-width:320px;height:700px;\"><\/div>\n<script type=\"text\/javascript\" src=\"https:\/\/assets.calendly.com\/assets\/external\/widget.js\" async><\/script>\n<!-- Calendly inline widget end -->\n\n\n\n<h2 class=\"wp-block-heading\">Try ANY.RUN Threat Intelligence Lookup Yourself<\/h2>\n\n\n\n<p>Interested in improving your security and incident response capabilities with ANY.RUN Threat Intelligence Lookup? We\u2019re offering a trial with 20 search queries for existing ANY.RUN clients, who have purchased Searcher plan or above. We encourage all businesses to reach out to our sales team to gain access to the trial, find out more about the platform, or discuss pricing options.<\/p>\n\n\n\n<p><a href=\"https:\/\/intelligence.any.run\/plans\/?utm_source=blog&amp;utm_medium=article&amp;utm_campaign=introducinglookup&amp;utm_content=linktolookupsalespage&amp;utm_term=070224\" target=\"_blank\" rel=\"noreferrer noopener\">\u0421ontact sales \u2192<\/a>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For 7 years, ANY.RUN has been aiding cybersecurity experts in malware analysis through our interactive cloud sandbox. Our goal is to help enterprises, independent experts, and SMEs in understanding and defending against both persistent and emerging threats.&nbsp; Today, we&#8217;re taking a big step forward in our effort to help businesses strengthen security with the introduction [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6942,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[57,10,54,56],"class_list":["post-6928","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-anyrun","tag-cybersecurity","tag-features","tag-update"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Introducing ANY.RUN Threat Intelligence Lookup\u00a0 - ANY.RUN&#039;s Cybersecurity Blog<\/title>\n<meta name=\"description\" content=\"Learn about Threat Intelligence Lookup \u2014 a streamlined platform that makes it easier to find relevant threat data from ANY.RUN sandbox tasks.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"Introducing ANY.RUN Threat Intelligence Lookup\u00a0\",\"datePublished\":\"2024-02-07T09:39:54+00:00\",\"dateModified\":\"2024-07-15T11:25:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\"},\"wordCount\":890,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"ANYRUN\",\"cybersecurity\",\"features\",\"update\"],\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\",\"name\":\"Introducing ANY.RUN Threat Intelligence Lookup\u00a0 - ANY.RUN&#039;s Cybersecurity Blog\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2024-02-07T09:39:54+00:00\",\"dateModified\":\"2024-07-15T11:25:16+00:00\",\"description\":\"Learn about Threat Intelligence Lookup \u2014 a streamlined platform that makes it easier to find relevant threat data from ANY.RUN sandbox tasks.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"News\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/news\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Introducing ANY.RUN Threat Intelligence Lookup\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Introducing ANY.RUN Threat Intelligence Lookup\u00a0 - ANY.RUN&#039;s Cybersecurity Blog","description":"Learn about Threat Intelligence Lookup \u2014 a streamlined platform that makes it easier to find relevant threat data from ANY.RUN sandbox tasks.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"Introducing ANY.RUN Threat Intelligence Lookup\u00a0","datePublished":"2024-02-07T09:39:54+00:00","dateModified":"2024-07-15T11:25:16+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/"},"wordCount":890,"commentCount":2,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["ANYRUN","cybersecurity","features","update"],"articleSection":["News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/","url":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/","name":"Introducing ANY.RUN Threat Intelligence Lookup\u00a0 - ANY.RUN&#039;s Cybersecurity Blog","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2024-02-07T09:39:54+00:00","dateModified":"2024-07-15T11:25:16+00:00","description":"Learn about Threat Intelligence Lookup \u2014 a streamlined platform that makes it easier to find relevant threat data from ANY.RUN sandbox tasks.\u00a0","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"News","item":"https:\/\/any.run\/cybersecurity-blog\/category\/news\/"},{"@type":"ListItem","position":3,"name":"Introducing ANY.RUN Threat Intelligence Lookup\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/6928"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=6928"}],"version-history":[{"count":10,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/6928\/revisions"}],"predecessor-version":[{"id":8224,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/6928\/revisions\/8224"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/6942"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=6928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=6928"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=6928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}