we can do something very similar with risk i Q
another ah, free trial that you can you can get.
I think this one might have a time limit on it, but the threat connect, I believe, is just a free community edition that you can use indefinitely.
But this tool is also very useful.
Has a lot of different tough futures somewhat similar in some ways to threat connect. But
it's better to have more choices for your analysis than less so that's certainly something to think about.
So I'm gonna go ahead and log into this.
I am a deposit video for just a moment while I do that.
Okay, so we're at the dashboard,
and we can see that there are
areas where you can create your own projects. You can do your own foot printing.
Uh, I don't believe the free version allows you to create your own footprints, but you can look at some that are already there as examples,
and you see the integrations here multi go
being the one that we're more interested in.
And I just talked about how that's use with from within. Multi gills were not really dig into that any deeper.
But all these public projects,
start poking around and seeing what kind of information
analyzed with this. Within this platform, from a passive total,
it's their risk. I Q platform.
So it's quite a few things here.
We can just try one,
uh see, we have indication of compromise research into the Houdini malware, so let's go ahead and click this.
As we can see, we get a lot of good information right off the bat.
Several different artifacts were listed
with the person who created them and some various tags.
I didn't click on one of the artifacts,
and you can see that it's trying to retrieve a heat map so that might be useful.
And you can see from the different color coding that there's,
various levels of activity throughout time,
and you can scroll this slider.
It looks like the most recent activity is in the in the
time from that were already in there,
and these are some of the other indications that are present in that in that diagram.
So I've got 16 hashes that are related to this I p address
It's very simple use
Oh, I don't have permission to view the footprint. Okay,
this may be something that you have to
that might be part of the problem there.
So we go back to home
we will look at what footprints look like.
Er, Doctor was one here I saw earlier
when that was already created.
Okay, we'll just do it. We'll look at the footprints capability.
If you can tell, these can get pretty complex,
but it's showing lots of good information. Start maybe with one central domain in this case, Ah, USPS dot ghosts in the postal Service.
And it's got, you know, 11 critical CV ease five that air high 235 open ports.
to get a lot more of this information
a little bit easier to select something
again. Very useful to be able to, uh,
see this kind of information. Your fingertips?
Yeah. Footprint Enterprise edition is what you need. If you want to have this capability,
there's only so much you can get for free. But, uh,
that's a real quick overview. And from within this from within your profile, you can also get the AP Iike you to do the multi go integration