Skip to content

Releases: CiscoSecurity/tr-05-serverless-censys

Version 1.0.1

04 Jul 08:42
@mstoro mstoro
v1.0.1
cd25b51
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.0.1 Latest
Latest
  • Extend the list of event types to resolve 500 error
Assets 2
Loading

Version 1.0.0

16 May 13:39
@mstoro mstoro
v1.0.0
6ad556a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.0.0

Implementation Details

Implemented Relay Endpoints

  • POST /health

    • Verifies the Authorization Bearer JWT and decodes it to restore the
      original credentials.
    • Authenticates to the underlying external service to check that the provided
      credentials are valid and the service is available at the moment.

  • POST /observe/observables

    • Accepts a list of observables and filters out unsupported ones.
    • Verifies the Authorization Bearer JWT and decodes it to restore the
      original credentials.
    • Makes a series of requests to the underlying external service to query for
      some cyber threat intelligence data on each supported observable.
    • Maps the fetched data into appropriate CTIM entities.
    • Returns a list per each of the following CTIM entities (if any extracted):
      • Sighting

  • POST /refer/observables

    • Accepts a list of observables and filters out unsupported ones.
    • Builds a search link per each supported observable to pivot back to the
      underlying external service and look up the observable there.
    • Returns a list of those links.

  • POST /version

    • Returns the current version of the application.

Supported Types of Observables

  • ip
  • ipv6
Assets 2
Loading