Security Enrichment Framework

Project description

Enrichr Vision

Enrichr is a Python framework that sets out to address the security integration problem that vendors and analysts face. While the core functionality of Enrichr is targeted towards security enrichment, plugins are not limited to enrichment. For example, plugins can push data, dispatch reporting jobs, add indicators to blacklists or provide other functionality.

There are 3 primary audiences for Enrichr:

  • Security analysts
  • Data Providers
  • Security Integrators

Security Analysts

Enrichr has a robust command line interface that can be used in day-to-day workflows. It provides a consistent method of interacting with many different vendor enrichments and a common workflow across them.

Additionally, since the framework is written in Python and has sane defaults, analysts can use enrichr for automation, either via bash scripts or simple Python scripts.

Data Providers

If you are a security vendor or provide data products, you no doubt realize how hard it can be to maintain integrations with dozens or hundreds of other products. Enrichr aims to alleviate those issues by providing a sane, tested framework through which system integrators such as SIEM, SOAR and MSSP providers can interface with third-party products via a common interface.

Additionally, enrichr plugins are extremely flexible, so it is possible to expose advanced features and use enrichr as the primary API client for your customers to interact with your service.

Security Integrators

Enrichr provides a high quality, standardized interface to a number of different security products that are supported by the community. This provides a rich ecosystem that integrators such as SOAR vendors, SIEM products and MSSPs can immediately utilize, so they can focus on their core areas of expertise rather than having to constantly worry about integrations.

Official Plugins

Official plugins have rigorous standards that ensure integrators have a supported interface when interacting with different security products. These standards require that each plugin include things like unit tests, documentation, examples, packaging and continuous integration.

Community Plugins

Plugins that do not meet the standards or are maintained by third parties are considered community plugins. While they still have standards that they conform to, these plugins might be missing things like unit tests, examples or comprehensive documentation.

Repository and Module Structure

Enrichr splits each plugin into its own Python module and repository. The main reason for this is practical: if a module requires third-party dependencies in order to be supported, for example a yara or fuzzy hashing library that needs C dependencies, enrichr shouldn't pull those in by default. Additionally, each plugin should be pushed to the Python Package Index through CI.

Download files

Source Distribution

enrichr-0.0.5.tar.gz (19.9 kB view details)

Uploaded Source

Built Distribution

enrichr-0.0.5-py3-none-any.whl (19.9 kB view details)

Uploaded Python 3

File details

Details for the file enrichr-0.0.5.tar.gz.

File metadata

  • Download URL: enrichr-0.0.5.tar.gz
  • Upload date:
  • Size: 19.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.5.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.61.0 CPython/3.9.5

File hashes

Hashes for enrichr-0.0.5.tar.gz
Algorithm Hash digest
SHA256 66c00b2b767074435d6bd3c3a0b6f31511dc38627df6ea61da387728c5eea62a
MD5 0e875d1ccd4cece05b4fbab92d530c97
BLAKE2b-256 0e05b17e36ec9e492adbd3d70ccd55486a2e3c6a1fc62d18dbf9994e9e2ede5f

File details

Details for the file enrichr-0.0.5-py3-none-any.whl.

File metadata

  • Download URL: enrichr-0.0.5-py3-none-any.whl
  • Upload date:
  • Size: 19.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.5.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.61.0 CPython/3.9.5

File hashes

Hashes for enrichr-0.0.5-py3-none-any.whl
Algorithm Hash digest
SHA256 d53052e3099ba65696922d567aec9d0fe849c78b744b0ee8b31f5aedf02368fe
MD5 ccd84de3f3eb078377a08e24df3ad04d
BLAKE2b-256 5542e62069b29b5b96d3cead711c5b51eacbfbcd8a235a87d215b401c8f84d18
