To conduct an investigation quickly and easily, accessing from a single platform for the most valuable information on ciberincidentes is the main objective of kings, the tool developed by the CCN-CERT. In this first phase, the current version of REYES is destined to all organizations that are affixed to the Early warning system, SAT, National Governmental CERT.
Access all kinds of black lists related to incidents (APT, botnet, malware ransomware, spam or TOR); enter other tools like MISP (Malware Information-Sharing Platform, in turn federated with other organizations such as NATO, FIRST, EGC and other CERT), MARTA or own SAT and your rules are some of the possibilities offered by this new platform that attempts to expediting the work of analysis and resolution of ciberincidentes, as well as the sharing of information between different organizations.
There are various aspects that make REYES a unique tool:
- It is in question with international agencies
- Collects information from many sources malware specialists
- Contains attributes and contextualised malware events
- Allows interaction with other tools of analysis
- Automatically makes the correlation between the various elements of ciberinteligencia contained therein.
The access to this platform is restricted to all those organizations that have a SAT-INET certificate.