The SANS Internet Storm Center is proud to announce the release of our first OpenIOC format API call. We have been hard at work writing a method that serves our firewall logs as OpenIOC XML content dynamically from a RESTful HTTP request. This is a critical step in expanding our service offerings to you, our readers, members and contributors.

 

You can use tools that ISC handler Russ McRee mentioned in a previous diary to convert output from this new method into STIX format. This is just the beginning however; the development roadmap includes the addition of another API method with the same data served in STIX format!

 

Ready to get started? View the documentation here: https://isc.sans.edu/api/#openiocsources

 

Please share your feedback as well as use cases and success stories as they unfold in the comments below.

 

A big thanks to Russ McRee for his assistance with testing and the writing of this announcement!