Reputation-via-Pangea

Simplified access to Pangea’s SecIntel reputation services via python and flask. Designed to enable security professionals to leverage their python scripting skills to access Pangea Intel services.

Comment

Inspiration

Cybersecurity practitioners and teams need timely access to reputation intel on a range of objects that cybercriminals compromise in their malicious attack efforts. Pangea's security platform as a service (SPaaS) is the first offering to combine reputational intelligence from multiple leading security vendors into a single service, a boon for security professionals. However, most security practitioners have modest software development skills and could be intimidated by the breadth and completeness of Pangea's offering. Reputation-via-Pangea provides security professionals with simplified access to Pangea reputation intel services via a Python module and example scripts, as well as a browser-based utility to immediately access reputation intel without the need for scripting.

What it does

There are three elements to Reputation-via-Pangea:

-PangeaSecIntel - This python module is designed to simplify access to the Pangea Intel reputation services for: domains, URLs, IP addresses, files, and usernames. Python is popular within the InfoSec community and this module will enhance many of their existing Python projects and enable new ones as well.

-PangeaSecIntel-Example-Script - This Python script provides well-documented, easy-to-follow examples of how to leverage the PangeaSecIntel module to perform reputational lookups.

-pangea-flask - This python Flask app is a single-web-page utility designed for security teams to run locally. With it they can perform reputation lookups quickly and efficiently within their web browser.

How we built it

Reputation-via-Pangea was built in Python leveraging the Pangea Python SDK. It was built in a barebones development environment using Sublime Text as the IDE and git for source code management.

Challenges we ran into

There have been some deprications in the Pangea SDK documentation that are not necessarily reflected in the Pangea Console, and the example code for Intel Services is not complete in the documentation. Took some extra head scratching to figure it all out.

Accomplishments that we're proud of

I'm mostly involved in the business side of cybersecurity technology companies, so this is the first complex programming project that I've taken on in probably over a decade. It took a while to come up to speed on some development tech and concepts, but feel I can still figure it all out and "get it done!".

What we learned

What's next for Reputation-via-Pangea

The next major project is to harden user data input for specific data types (e.g. domains, URLs, IP addresses). Pangea's Intel APIs are very unforgiving/particular on data format and will throw exceptions if user input is not perfect.

Built With

Share this project:

Updates