Concepts

Foundational Concepts

Mallory ingests OSINT (Open Source Intelligence) at scale, enabling the collection, processing, and analysis of vast amounts of publicly available information. This capability allows Mallory to provide comprehensive insights and intelligence on various entities, threats, and vulnerabilities.

Sources

Sources emit references that Mallory ingests automatically. A list sources can be found in the API.

References

References represent the content available at a URL. Each reference points to a unique URL and can be used to ingest various types of content, such as articles, documents, or papers.

Content Chunks

Content chunks belong to references and are chunked bits of content, generally semantically related. Every reference will have one or more content chunks. Each content chunk is analyzed for its semantic meaning and context.

Analysis

Analysis is performed on each chunk of content and is targeted to the type of content. Each analysis is unique to the content chunk and provides deeper insights and context about the content.

Entities

Entities are the subjects of the content. They are extracted from the content chunks and persisted in the database. Entities can be linked to other entities, and can be linked to references.

Types of entities include:

Malware
Ransomware
Threat Actors
Vulnerabilities
Indicators of Compromise
People
Organizations
Locations
etc.

Mentions

Mentions tie references to entities, through the content chunk in which the entity is mentioned. Mentions allow you to see the context of the entity in the reference.

Last updated 2 months ago