The latest release of Pulsedive's community platform comes with new and improved functionality for all of our users.
We're excited to announce the release of Pulsedive 5.0 this week, which comes with new types and sources of data, as well as ways to integrate and export.
The good news: the new release will feel pretty familiar and won't change how you've been using Pulsedive (except for Explore... read on below).
The better news...
- MITRE ATT&CK integration + threats upgrade
- STIX via TAXII format (relevant for paid products)
- Explore overhaul
- Performance improvements
- UI updates
Read more about each item below (with helpful screenshots and links).
MITRE ATT&CK + Threats Upgrade
"MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community." https://attack.mitre.org/
MITRE ATT&CK Software and Groups are now added as Pulsedive threats. Tactics and techniques are added to threat pages as attributes and accessible via the API.
What does that mean?
Example: if you search a threat like Dridex, you will now see a summary with MITRE ATT&CK data.
References will include MITRE ATT&CK sources where available, in addition to the news and blogs Pulsedive ingests.
The Attributes section on threat pages now displays tactics, techniques, and technologies from MITRE ATT&CK.
STIX/TAXII 2.1 Export
By popular demand, Pulsedive now enables the use of the TAXII 2.1 protocol for bulk exporting in STIX 2.1 format as an alternative to our existing CSV format. Bulk export of Pulsedive data is available to customers with Pro and Feed plans.
Our STIX via TAXII documentation can be found here: pulsedive.com/api/taxii
You can export Pulsedive indicators and threats in bulk as STIX 2.1 objects from our collections:
- Pulsedive Indicator Data (paid Pro and Feed plans)
- Pulsedive Threat Data (paid Pro and Feed plans)
- Pulsedive Test Data (available to anyone for free to test and debug)
Explore Overhaul
We have introduced a brand new query language, along with a streamlined look and feel, to our Explore page: pulsedive.com/explore
Our query guide and autocomplete can help familiarize users with the new Explore and the many ways to search across our database.
Here's an example showing a query for specific DNS MX record values:
Note: autocomplete does not reflect Pulsedive's full range of search capabilities or possible search terms. Check out our guide to learn how to use the new Explore, the types of search terms available, and test out sample queries: pulsedive.com/explore
P.S. You can use the new Explore with our API; the documentation is here: pulsedive.com/api/explore
Performance Improvements
Speed is of the essence. That's why we invested in backend performance improvements across the board.
We optimized some queries to improve page load times. We also expanded our infrastructure to improve database performance under load, which translates into faster API response times.
Additionally, we redesigned our ingestion queue, which means faster scan times. Our initial tests show an average improvement of 25%, but times will vary, depending on background jobs and other variables.
User Interface Updates
Beyond tweaking the color scheme, we've cleaned up our interface with drop-down menus.
In our global navigation, it's now easier to access API docs pages and account settings.
On Explore and Indicator pages, you can find additional ways to:
- Export - CSV, JSON, STIX 2.1
- Share - copy link, email, or tweet (if no default browser share dialogue exists)
That's all, folks! As always with releases, things may not work perfectly out of the gate; if you run into any issues please don't hesitate to contact us. We're here and ready to address your questions and feedback.
Get in Touch
Reporting a new issue or bug may even earn you free Pulsedive swag.