
MineMeld

Orchestrate threat intelligence and enforce new prevention-based controls.

In order to prevent successful cyberattacks, many organizations collect indicators of compromise (IOCs) from various threat intelligence providers with the intent of creating new controls for their security devices. Unfortunately, legacy approaches to aggregation and enforcement are highly manual in nature, often creating complex workflows and extending the time needed to identify and validate which IOCs should be blocked.

Now security organizations can leverage MineMeld, an open-source application that streamlines the aggregation, enforcement and sharing of threat intelligence. MineMeld is available to all users directly on GitHub, as well as in the form of pre-built virtual machines (VMs) for easy deployment. With an extensible modular architecture, anyone can add to the MineMeld functionality by contributing code to the open-source repository.


MineMeld use cases

MineMeld supports a variety of use cases, with more being added each day by the community, including:

  • Aggregate and correlate threat intelligence feeds.
  • Enforce new prevention controls, including IP blacklists.
  • Evaluate the value of a specific threat intelligence feed for your environment.
  • Extract indicators from Palo Alto Networks device logs and share them with other security tools.
  • Share indicators with trusted peers.
  • Identify incoming sessions from Tor exit nodes for blocking or strict inspection.
  • Track Office365 URLs and IPs.



Aggregate and correlate threat intelligence feeds

MineMeld allows you to aggregate threat intelligence across public, private and commercial intelligence sources, including between government and commercial organizations.

MineMeld simplifies the collection and correlation of intelligence across:

  • Commercial threat intelligence feeds
  • Open-source intelligence (OSINT) providers
  • Threat intelligence platforms
  • ISACs
  • CERTs
  • Other MineMeld users

Once indicators are collected, MineMeld can filter, deduplicate and consolidate metadata across all sources, allowing security teams to analyze a more actionable set of data, enriched from multiple sources, for easier enforcement.


Automated enforcement of prevention-based controls

MineMeld natively integrates with Palo Alto Networks security platforms to automatically create new prevention-based controls for URLs, IPs and domain intelligence derived from all sources feeding into the tool. Now, organizations can simplify their workflows for blocking IOCs with External Dynamic Lists and Dynamic Address Groups, without spending additional resources to manage block lists, including the automated timeout of expired indicators. MineMeld further integrates with the Palo Alto Networks AutoFocus™ contextual threat intelligence service, allowing you to identify high-value, targeted indicators in AutoFocus and block them on your next-generation firewall with export lists and MineMeld.



Threat-intelligence-sharing ecosystem

Palo Alto Networks has partnered with other leading organizations to create a threat-intelligence-sharing ecosystem with native MineMeld support built in from the start. Additionally, the open-source availability inherent in MineMeld allows other providers to easily add integration with their offerings by building a new Miner.


Availability

MineMeld is publicly available to customers, partners and the security community as an open-source tool. You can get started using MineMeld by visiting:

  • LIVEcommunity page
  • GitHub

 


Copyright © 2025 Palo Alto Networks. All Rights Reserved
