Getting Started with Maltiverse

Maltiverse by Lumu enhances your cybersecurity stack's Continuous Compromise Assessment by injecting curated threat intelligence feeds, thereby empowering threat detection. This article will guide you through the initial steps to integrate Maltiverse's capabilities into your organization's cyber defense.

You can get started in three simple steps:


1. Create a Maltiverse Account

To start using Maltiverse, you must create an account. This is a very simple process and you will be set in a few minutes.

Note: The Lumu and Maltiverse Portals are separate platforms. If you have a Lumu account but not a Maltiverse account, you must create one to access the Maltiverse Portal.

1. Start by heading to the Maltiverse login page. There, select the option to register an account.

2. Provide the required information to create the account. You will need to set a username (1), a corporate email address (2), and a secure password (3). Complete the captcha challenge (4) and create your account (5).

This will log you into the Maltiverse Portal and you will be notified about an account confirmation email.

3. Head to your inbox, look for the confirmation email and activate your account.

4. You will then be redirected to the Maltiverse Portal, where you can access its features.

2. Select a Threat Feed

Maltiverse’s threat intelligence is gathered from multiple trusted sources, including web crawlers, spam traps, research teams, partner feeds, and historical records of malicious activity.
All of this data is processed and continuously refined to form the Threat Feeds, collections of IoCs grouped by their nature or behavior, such as Command and Control activity, malware distribution, malicious IP addresses, TOR nodes, and more.

You can inspect and select Threat Feeds from the Maltiverse Portal.

1. Select Feeds (1) from the left navigation menu.

2. In this module, you can find the full list of the different Threat Feeds. Select one of the Threat Feeds.

3. To review the IoCs information of the selected feed, click on Feed Composition (1).

On this view, you can find a detailed overview of the IoCs that make up this feed. You can check the exact Feed composition by type (1) and their distribution in the graph (2), along with other useful information.

4. If needed, you can review the full list of IoCs. Go to the Feed Content tab (1) to display the full list.

5. You can check the details of each IoC. Simply click on one of the IoCs and you will be directed to the IoC overview page. Here you will find relevant information about the history of this IoC.

Familiarize yourself with the feeds and their contents to make an informed decision on which feed satisfies your needs. Once you select a Threat Feed, you are ready for the next step.

Note: You can also create your own custom feeds. Learn how to do it by following our documentation.

3. Integrate the Threat Feed

Maltiverse Threat Feeds can be easily integrated with a wide variety of leading security solutions. By consuming these feeds, tools like firewalls, endpoint protection, and SIEM/SOAR platforms enrich their detection and response capabilities with up-to-date indicators of compromise.

Integrating the TI feed is a straightforward process. Go back to the selected feed and do the following:

1. Click Integrate feed to open the list of connectors.

2. Select the connector you need for the integration. There is a wide variety of security solutions with which Maltiverse can be integrated.

3. Follow the steps given on the integration page.

Note: This documentation is dynamic and adapts to your context. The content changes based on your selections and the information associated with your account, ensuring that examples and parameters are relevant to your integration.

Once you are done with the integration, you’ve successfully started using Maltiverse’s refined data to improve your security operations. But that’s just the beginning. With Maltiverse you can also:

Extra Step - Start a Trial

You can get a taste of the full capabilities of the Maltiverse Platform subscription tier by starting a 14-day trial. You can activate the trial period by yourself, without assistance or input from the Lumu Support team. Simply click on the Pricing Plans section, under the Info drop-down menu.

Then, click on any of the Trial buttons to start the Maltiverse Platform trial.

You will be directed to the trial registration form. Follow the instructions provided, choose the options that best suit your organization’s needs, and enter the required information.

Continue completing the form. At the bottom, you’ll find the Auto-Onboarding by Domain (1) option, which automatically assigns any email addresses with your organization’s domain to the trial you’re setting up. Enabling this option is highly recommended, as it simplifies the onboarding process for your team members. Once done, start your 14-day trial (2) and find out how Maltiverse can improve your cybersecurity posture.

