"/>

PAe - new version of kings, the solution to the CCN-CERT to share information of cyber threats
accesskey _ mod _ content

Nueva versión de REYES, la solución del CCN-CERT para compartir información de ciberamenazas

18 march 2019

CCN-CERT Logo

This solution, for all those organizations that have a certificate of early warning System on the Internet (SAT-INET), facilitates the work of analysis of incidents to the information and correlada context with the main sources of existing information, both public and private.

The CCN-CERT (Opens in new window) has submitted REYES 3.0, a new version of the solution that facilitates the work of analysis of incidents to the information and correlada context with the main sources of existing information, both public and private.

Among its developments, is a new interface that offers a more consolidated and structured to facilitate the work of analysis and a new engine of intelligence, in addition to new sources of information.

Through this portal, centralized information available to the organizations attached to their early warning systems, can be carried out any investigation quickly and easily, accessing from a single platform for the most valuable information on ciberincidentes.

The core of information of REYES is based on technology MISP (Malware Information-Sharing Platform), which is enriched with external sources of public and private information to speed up the prevention and response to incidents. Thanks to this core of information, and land with international agencies, through REYES has access to a large privileged information.

Another advantage of KINGS, after process and analyse information through the partnership or graph of intelligence, creating relations between the different measures and events that permit the analyst to swing between the various indicators to establish a more comprehensive view of the attacker and infrastructure that used to, in this way, speed up its response to incidents.

REYES, a unique solution for information sharing

There are various aspects that make REYES one solution:

  • Is state with international agencies
  • Collects information from many sources malware specialists
  • Contains attributes and contextualised malware events
  • Allows interaction with other tools of analysis
  • Automatically makes the correlation between the various elements of ciberinteligencia containing
  • Emphasizes the information obtained
  • Enables the download of reports

Access to this platform is restricted to all those organizations that have a certificate of the portal SAT and carried out by the following link (Opens in new window) .

You can find more information in the following Guides CCN-STIC:

  • Guide CCN-STIC-423 compromise Indicators (Opens in new window) , que muestra las herramientas existentes para identificar indicadores de compromiso (IoC), así como los pasos que se deben dar para actuar frente a amenazas desconocidas. También se muestran las etapas necesarias para compartir estos ficheros de inteligencia en la plataforma disponible REYES, así como los pasos de creación y exportación de manera manual.
  • CCN-STIC-424 guide information-sharing STIX-TAXII Cyber threats. (Opens in new window) , que presenta las últimas tendencias en materia de compartición de la información y de los estándares más utilizados en el sector (STIX, TAXII) así como las numerosas ventajas de su uso para la mejora de las capacidades defensivas de una organización. Se ofrece, además, un caso práctico de uso con la herramienta REYES en el que se pueden seguir las operaciones básicas – como importar y exportar inteligencia -, todo ello basado en un ataque conocido.
  • Guide CCN-STIC-425 cycle of intelligence and analysis of Intrusions (Opens in new window) , cuyo objeto es ofrecer una explicación, simple y concisa, de lo que en ciberseguridad constituye la llamada Ciberinteligencia y el Ciclo de Inteligencia, desarrollando una de sus fases más significativas: el Análisis. Con este propósito se desarrolla un Modelo para el Análisis Formal de Intrusiones.
  • Guide CCN-STIC-426 REYES. User Manual (Opens in new window) . Esta Guía recoge los principales aspectos de la herramienta REYES como plataforma desplegada por el CCN-CERT para el intercambio de información y conocimiento sobre ciberamenazas.

Original source of news (Opens in new window) .

  • Security