Share Your Research
with the Security Community
IntelWatchers is a community-driven threat intelligence platform. We publish research from independent security practitioners — malware analysts, incident responders, CTI analysts, and threat hunters. Your findings could help defenders worldwide.
What Can You Publish?
Research Report
RESEARCHIn-depth technical investigations into malware families, threat actor campaigns, or attack infrastructure. Typically 1,500–5,000 words with IOCs, YARA rules, or detection guidance.
Examples
- Malware reverse engineering writeups
- Threat actor TTP analysis
- Infrastructure tracking reports
- Campaign attribution studies
News & Briefings
NEWSTimely coverage of emerging threats, vulnerability disclosures, or security incidents. Shorter format (300–1,000 words) focused on what defenders need to know now.
Examples
- Vulnerability bulletins
- Active exploitation alerts
- Threat actor activity updates
- Security incident summaries
How It Works
Publisher access is admin-controlled to maintain content quality.
Register an Account
Create your IntelWatchers account. All new accounts start as pending publisher access.
Create Account →Admin Review
Our editorial team reviews your profile and background. We may reach out with questions. This typically takes 3–5 business days.
Publisher Access Granted
Once approved, you can access the editor and publish articles immediately. Draft articles are saved privately until you publish.
Write & Publish
Use our rich editor to write your report. Add tags, banner image, and set article type. IOCs are auto-extracted from your content on publish.
Open Editor →Editorial Guidelines
All published content must meet these standards. Articles that don't comply will be returned for revisions.
Technical Quality
- All technical claims must be backed by evidence (samples, network captures, code analysis)
- Include confidence levels when attributing to specific threat actors
- IOCs should be from confirmed malicious activity — no false positives
- YARA rules and Sigma detections must be tested before submission
Content Standards
- No vendor product promotion — articles must be vendor-neutral
- Clearly label speculation vs. confirmed findings
- No plagiarism — link original sources where building on prior work
- Defang IOCs in body text (use [.] notation), but submit clean values in the IOC fields
Responsible Disclosure
- Vulnerabilities in active exploitation require coordinated disclosure before publication
- Do not publish exploits that enable mass exploitation without prior CVE assignment
- Contact us at security@intelwatchers.org for sensitive disclosures
- Respect responsible disclosure timelines agreed with vendors
Formatting
- Use clear section headings to structure long-form content
- Include an executive summary or TL;DR for reports over 2,000 words
- Embed screenshots or diagrams where they aid understanding
- Tag articles accurately — tags power the Topics Explorer and help readers find your work
Tagging Your Article
Tags are how readers discover your work in the Topics Explorer. Use consistent, lowercase hyphenated tags:
Malware Families
emotet, cobalt-strike, lockbit, qakbot, asyncrat
Threat Actors
apt28, lazarus-group, fin7, scattered-spider
Techniques
phishing, living-off-the-land, supply-chain, lateral-movement
Industries
financial, healthcare, critical-infrastructure, government
Ready to Contribute?
Create your account and apply for publisher access. We review every application personally.