MAEC Comparator API Now Available in python-maec


Kirillov, Ivan A.

All,

I’m pleased to announce the release of the alpha version of the MAEC Comparator API in python-maec (https://github.com/MAECProject/python-maec). This API currently allows for basic comparisons to be made between one or more MAEC Bundles for the purpose of finding common and unique Objects. Among other uses, this can be used for comparing the outputs of multiple sandbox tools or for malware of the same family, in order to discern the common and unique set of Objects that it may interact with. In the future we hope to extend the API for support of other MAEC entities such as Actions and Behaviors.

We’ve written some documentation on the API, its interface, and uses, which can be found here:

https://github.com/MAECProject/python-maec/wiki/Comparator

An example of how to use the API can be found here:

https://github.com/MAECProject/python-maec/blob/master/examples/comparator_example.py

We welcome your feedback on this API as well as ideas on implementing other useful analytics in python-maec :-)

Regards,

Ivan Kirillov

MITRE