Intrigue.io is a hosted platform build on top of our open data collection and normalization engine, Intrigue Core. Intrigue.io was designed and built with an open core architecture, enabling our team to partner closely with the technical security community, sharing and building techniques in an open way, whilst keeping things simple for paying customers who just need reliable and repeatable results.
A high level overview of the combined platform can be found below. Components labeled in blue are only available to customers in the hosted service.
The breakdown of responsibilities across these components roughly falls into the following categories.
Intrigue Core (Collection Engine) focuses on the following:
- Discovery techniques such as subdomain brute-forcing and port-scanning
- Integrations into third party asset and vulnerability focused data sources
- Normalization of disparate data sources into a common data model
Intrigue.io (Hosted Platform) focuses on the following:
- Automation of data refresh, orchestrating the collection engines
- Managing access to a wide variety of open and commercial sources
- Post-collection data analysis to extract “Issues” and other actionable data
- Indexing and enabling search of the discovered assets and issues
- Issues action workflow to triage findings an ensure they make their way to an owner
- Increased processing of data to help with integrations into other operations worfklows
- Reporting, notifications, and alerts