Submitting Reports
Anyone can contribute to Babel by submitting a public intelligence report. Babel extracts entities, relationships, and indicators automatically — no manual tagging required.
What makes a good submission
- A direct URL to a publicly accessible report, advisory, or blog post
- Reports from established vendors produce the most accurate extractions
- English-language reports yield the best results; other languages are supported but may have lower accuracy
- PDFs are supported via direct URL
- Duplicate URLs are detected and skipped automatically
What Babel extracts
- Threat actors and clusters — names, aliases, type, country, motivation
- Tools and malware — name, category (backdoor, ransomware, loader...), platform
- TTPs — MITRE ATT&CK IDs and technique names
- Indicators — IPs, domains, hashes, URLs, emails (enriched automatically)
- CVEs — exploited vulnerabilities referenced in the report
- Campaigns — named operations with target regions and sectors
WARNING
Extraction is automated and may contain errors. Confidence labels reflect certainty — edges labeled "Suspected" or "Possible" should be treated with caution. To report an extraction error, contact [email protected].
Via the web interface
Go to Submit, paste a URL, and track processing status in real time.
Via the API
See the Ingest a Report section in the API Reference.
