Menu

Subscribe

YETI

Your Everyday Threat Intelligence


Meet the open, distributed, machine and analyst-friendly threat intelligence repository. Made by and for incident responders.


Yes, it's a bear, not a Yeti...

Quick install (the command we all love)
$ curl https://raw.githubusercontent.com/yeti-platform/yeti/master/extras/ubuntu_bootstrap.sh | sudo /bin/bash

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains, geolocate IPs) so that you don't have to. Yeti provides an interface for humans (shiny Bootstrap-based UI) and one for machines (web API) so that your other tools can talk nicely to it.

The code

The doc

The mailing list

The blog

Learn more about Yeti in our introductory blogpost

Yeti Browse
Instantly search through millions of observables
Yeti Analytics
Easily track campaigns, related observables, malware, actors
Yeti Analytics
Enrich investigations with relationship graphs
Yeti Analytics
Easily add new data feeds
Yeti Analytics
Create custom analytics to automatically enrich observables

The Blog

Yeti's ecosystem

Yeti is a relatively new player in the threat intel platform game. How does it fit in with all the other tools that are out there? FAME? FIR? MISP? TheHive? Let’s have a look.

read more

Introducing the Yeti

After months of hard work, trial and error, and fighting with CSS alignment, we are happy to announce the release of Yeti: Your everyday Threat Intelligence platform. Although originally an independent project, Yeti would not have been able to exist without the team at CERT Société Générale, who put in countless hours testing the tool and orienting development to best suit their needs.

read more