Orfeo is a free Threat Intelligence application developed by Ewala. Its main objective is to centralize various IOC sources and help security teams (Blue teams, SOCs, Incident Response Teams) analyze digital threats.
How does Orfeo work?
Orfeo obtains IOCs daily from about 10 anti-malware and anti-spam sources and incorporates the records into a centralized database. In a second phase, Ewala's CyberSOC team analyzes the content and adds its own findings.
Can I run bulk queries?
At the moment it is not possible to run bulk queries against Orfeo; however, we are working so that you can access it through a REST API.
Orfeo has extensive lists of IOCs (indicators of compromise), incorporating both external and internal sources. The current database has the following number of records.
Orfeo is a free web application that lets you query various threat engines from one central place.