What Changed

Major repository update introducing two new threat intelligence solutions and comprehensive updates across existing solutions including packaging improvements, script automation, and solution analyzer tooling.

NEW Solutions Added

Cyble Vision (Threat Intelligence)

Complete threat intelligence solution providing dark web monitoring, vulnerability tracking, and compromise detection across multiple threat vectors including IoCs, leaked credentials, malicious domains, and stealer logs.

Tropico

Security orchestration solution providing alert, event, and incident management capabilities through CCF-based data connectors.

Detection Surface Unlocked

Cyble Vision brings comprehensive external threat monitoring:

  • Dark web marketplace and forum monitoring
  • Stolen credential and data breach detection
  • Phishing and malicious domain identification
  • IoC and vulnerability intelligence feeds
  • Mobile app security monitoring
  • Social media threat tracking

Tropico enhances security operations workflow:

  • Security event aggregation and correlation
  • Incident lifecycle management
  • Alert prioritization and routing

Affected Files

Solutions/Cyble Vision/ (90+ new files: analytic rules, parsers, connectors, workbooks)
Solutions/Tropico/ (12+ new files: CCF connectors, packaging)
Solutions/Intel471/ (enhanced playbooks and deployment guides)
Solutions/Miro/ (new CCF connectors)
Plus updates to: Infoblox NIOS, SOC Prime CCF, Microsoft Entra ID, SAP BTP, and 10+ other solutions
Also updated: .script/bundleAwsS3Scripts.sh and extensive Solutions Analyzer documentation