No products in the cart.
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. It will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don't have to. Yeti provides an interface for humans (shiny Bootstrap-based UI) and one for machines (web API) so that your other tools can talk nicely to it. The platform was born out of frustration of having to answer the question "where have I seen this artifact before?" or Googling shady domains to tie them to a malware family. In a nutshell, Yeti allows you to: Submit observables and get a pretty good guess on the nature of the threat. Inversely, focus on a threat and quickly list all TTPs, Observables, and associated malware. Let responders skip the "Google the artifact" stage of incident response. Let analysts focus on adding intelligence rather than worrying about....
What are the minimum system requirements for YETI?
As far as we know, the developers of this tool didn’t give any information about minimum system requirements. They tested it on Ubuntu. You can read more about the tool in the documentation: https://yeti-platform.readthedocs.io/en/latest/index.html