Welcome to Cyber Lens, your comprehensive threat intelligence and IOC analysis platform. This guide will help you navigate the key features and make the most of your security investigations.
The IOC (Indicator of Compromise) Lookup is the core feature of Cyber Lens, allowing you to analyze potential threats across multiple threat intelligence providers simultaneously.
- Navigate to the Home page - You'll find the IOC lookup interface prominently displayed
- Enter your IOC - Supported formats include:
- IP addresses (e.g.,
192.168.1.1,2001:db8::1) - Domain names (e.g.,
malicious-site.com) - URLs (e.g.,
https://suspicious-url.com/path) - File hashes (MD5, SHA1, SHA256)
- IP addresses (e.g.,
- Click "Analyze" - Cyber Lens will query multiple threat intelligence providers in parallel
- Review Results - Get a comprehensive threat score and detailed analysis
- Threat Score (0-100): Higher scores indicate greater threat likelihood
- Verdict: Clear classification as Benign, Suspicious, or Malicious
- Provider Details: See which threat intelligence sources flagged the IOC
- Confidence Level: Indicates the reliability of the assessment
- Be specific: Use complete URLs rather than just domains when possible
- Cross-reference: Check multiple related IOCs for comprehensive analysis
- Consider context: Legitimate business tools may sometimes trigger alerts
The History feature maintains a complete record of all your IOC analyses, enabling you to track investigations and identify patterns over time.
- Click "History" in the navigation menu
- Browse chronologically - Your searches are ordered by date and time
- Filter and search - Find specific IOCs or analysis results quickly
- Timestamp tracking: See exactly when each analysis was performed
- Result preservation: All threat scores and verdicts are stored permanently
- Quick re-analysis: Click on any historical IOC to run a fresh analysis
- Export capabilities: Download your analysis history for reporting
- Investigation tracking: Monitor the evolution of threats over time
- Pattern recognition: Identify recurring malicious indicators
- Compliance reporting: Generate audit trails for security reviews
- Team collaboration: Share investigation histories with team members
Stay informed about the latest cybersecurity threats with our curated news feed, which automatically extracts and highlights IOCs from current security news.
- Real-time updates: Continuously updated with the latest security news
- IOC extraction: Automatically identifies and highlights indicators in articles
- Categorized content: News organized by threat type, industry, or geography
- Direct analysis: Click any extracted IOC to run an immediate threat analysis
- Browse headlines - Scan for emerging threats relevant to your organization
- Read detailed articles - Get context about new attack vectors or campaigns
- Extract IOCs - Find indicators mentioned in news stories
- Analyze immediately - Click any IOC to check its current threat status
- Malware outbreaks: Information about new malicious software campaigns
- Vulnerability disclosures: Details about newly discovered security flaws
- Attack campaigns: Coverage of ongoing or recent cyber attacks
- Industry alerts: Sector-specific threat intelligence
The Analytics dashboard provides visual insights into your threat landscape, helping you identify trends, patterns, and potential security gaps.
- Threat trends: Visualize how different types of threats evolve over time
- IOC statistics: See breakdowns of analyzed indicators by type and verdict
- Provider performance: Monitor which threat intelligence sources are most valuable
- Geographic distribution: Understand the geographic origins of threats
- Interactive charts: Click on chart elements to drill down into specific data
- Custom date ranges: Analyze threats during specific time periods
- Export capabilities: Download charts and data for presentations
- Real-time updates: Analytics refresh automatically as new data comes in
- Monitor trends: Look for increases in specific threat types
- Identify patterns: Spot recurring attack vectors or sources
- Measure impact: Assess how threats affect your organization over time
- Inform strategy: Use data to guide security investment and policy decisions
- What are our top threat sources? - Identify the most common malicious indicators
- Are threats increasing or decreasing? - Track overall threat volume trends
- Which IOCs need attention? - Prioritize based on threat scores and frequency
- How effective are our defenses? - Measure success through threat reduction metrics
- Save frequently analyzed IOCs - Bookmark important indicators for quick access
- Set up alerts - Configure notifications for specific threat types or scores
- Use batch analysis - Analyze multiple IOCs simultaneously when investigating incidents
- Document findings - Add notes to analyses for future reference
- Verify before acting - Always cross-reference high-threat IOCs with additional sources
- Consider false positives - Legitimate business tools may sometimes trigger alerts
- Update regularly - Keep your threat intelligence current with frequent analyses
- Share insights - Distribute important findings across your security team
- Slow analysis: Check your internet connection and try again
- Unexpected results: Verify IOC format and try alternative threat intelligence sources
- Missing history: Ensure you're logged in to save analysis results
- Analytics not loading: Refresh the page and check your browser compatibility
If you encounter issues or have questions about using Cyber Lens:
- Check this guide - Most common questions are answered here
- Review the FAQ - Look for answers to frequently asked questions
- Contact support - Reach out through the support channels provided
- Community forums - Connect with other Cyber Lens users for tips and advice
- Developer Guide: Learn about the technical architecture
- API Documentation: For integration with your existing security tools
- Training Materials: Video tutorials and walkthroughs for advanced features
- Security Blog: Latest threat research and Cyber Lens updates
This guide is continuously updated. Check back regularly for new features and improved workflows.