TAXII Feeds
Data feeds are available as STIX feeds via TAXII. You can see the list of TAXII feeds and activate the desired ones in the TAXII FEEDS section. The feeds can be accessed or incorporated into your internal system by a standard TAXII interface. See the sample Python script for accessing TAXII feeds. When downloaded and extracted, open the script in a simple text editor to see further instructions for use.
Additionally, you can access TAXII feeds via the Postman template. To start using it, download the file, import it to Postman and set the variables values as described in the template.
To learn how to activate a TAXII feed, see the next chapter.
Data retention and filtering
The TAXII feeds data retention is two weeks; data older than 14 days is not available for retrieval.
To review the TAXII feeds from a specific period, use the added_after filter parameter with a timestamp value in the "YYYY-MM-DDTHH:MM:SS.ssssssZ" format. This way, the system will return the objects added after the specified timestamp. To learn more information, review the TAXII 2.1 specification.
If you do not provide the added_after filter parameter, the system will automatically set the default timestamp: two days before the current date and time. In this case, you will receive the TAXII feeds from the past two days.
Feed formats
All TAXII Feeds are available in STIX 2.1 format via TAXII 2.1 collections.
To preview a sample feed in the portal, select a report collection and click Download example. The downloaded JSON file contains a static sample feed that does not have live data; it is not updated.
The discovery link for TAXII feeds: https://taxii.eset.com/taxii2
You can choose from several types of feeds:
Feed |
TAXII feed name |
TAXII 2 ID |
TAXII 2 feed URL |
---|---|---|---|
androidinfostealer stix 2.1 |
9ee501cde0c44d6db4ae995fead1a7c8 |
||
androidthreats stix 2.1 |
daf3de8fab144552a1cb5af054ed07ee |
||
apt stix 2.1 |
97e3eb74ae5f46dd9e22f677a6938ee7 |
||
botnet stix 2.1 |
0abb06690b0b47e49cd7794396b76b20 |
||
botnet.cc stix 2.1 |
d1923a526e8f400dbb301259240ee3d5 |
||
botnet.target stix 2.1 |
61b6e4f9153e411ca7a9982a2c6ae788 |
||
cryptoscam stix 2.1 |
2c183ce9551a43338c6cc2ed7c2a704d |
||
domain stix 2.1 |
a34aa0a4f9de419582a883863503f9c4 |
||
ip stix 2.1 |
baaed2a92335418aa753fe944e13c23a |
||
emailattachments stix 2.1 |
c0d56cf7f81d482eb97fd46beaa4bae0 |
||
file stix 2.1 |
ee6a153ed77e4ec3ab21e76cc2074b9f |
||
phishingurl stix 2.1 |
d0a6c0f962dd4dd2b3eeb96b18612584 |
||
ransomware stix 2.1 |
8d3490d688ce4a989aee9af5c680d8bf |
||
scamurl stix 2.1 |
2130adc3c67c43f9a3664b187931375e |
||
smishing stix 2.1 |
330ad7d0c736476babe5e49077b96c95 |
||
smsscam stix 2.1 |
6e20217a2e1246b8ab11be29f759f716 |
||
url stix 2.1 |
1d3208c143be49da8130f5a66fd3a0fa |
Fair Use Policy limitations may apply. |