Maltego Product Overview
Maltego is an open source intelligence and graphical link analysis tool to gather information for investigative tasks. With Maltego, you can easily mine data from dispersed sources, automatically merge matching information into one graph, and visually map it to explore your data landscape.
Maltego comes in different sizes and flavors, which means that you can pick and choose options from our product range to best suit your individual needs. In general, the Maltego experience is made up of three elements:
The Maltego Desktop Client ๐︎
The Maltego Desktop Client is the visual interface in which all gathered information is linked and combined. It is a Java application that runs on Windows, Mac, and Linux. The graphical user interface allows users to create graphs step-by-step in an intuitive and interactive way (point-and-click).
Based on the scope and use case of the investigative task, there are four types of Maltego Desktop Clients available:
Free Versions ๐︎
Maltego Community Edition (CE)
Maltego CE is for non-commercial users. It offers the ability to perform link analyses on up to 10,000 Entities in one single graph. Further, it returns up to 12 answers (Entities) per Transform. Maltego CE is easy to use, quick to install and completely free of charge.Maltego CaseFile
Maltego CaseFile is an offline version of the Maltego Desktop Client. It is essentially the same application but does not require the use of Transforms. CaseFile is designed for ‘offline’ analyses that primarily use information which is not gained from data providers or queried automatically.
Commercial Versions ๐︎
Our commercial versions of the Maltego Desktop Client give you immediate access to our OSINT Transforms on our commercial Transform server as well as access to our commercial hub partners. While most hub partners offer immediate access to their API, in some cases you may require a separate API key from a hub partner for full access. Our OSINT Transforms are readily available for you to use (some Transforms are rate-limited).
Maltego Classic
Maltego Classic provides access to all functionalities of Maltego. It allows you to explore graphs with up to 10,000 pieces of information and to receive up to 10,000 Entities per performed Transform.Maltego XL
Maltego XL is our answer for large investigations. It includes all the functionalities of Maltego Classic but with the enhanced capability of working with extremely large graphs. Maltego XL allows you to visualize graphs with up to 1,000,000 pieces of information and to receive up to 64,000 Entities per performed Transform.
Which version is right for me? ๐︎
| Maltego XL | Maltego Classic | Maltego CE | CaseFile | |
|---|---|---|---|---|
| Commercial Use | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
| Access to commercial Transform Hub | โ๏ธ | โ๏ธ | โ๏ธ | N/A |
| Use with Internal Transform servers | โ๏ธ | โ๏ธ | โ๏ธ | N/A |
| Standard OSINT Transforms | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
| Max number of results per Transform | 64,000 | 10,000 | 12 | N/A |
| Max number of Entities on a graph | 1,000,000 | 10,000 | 10,000 | N/A |
| Technical support | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
| Graph Export (CSV, XLS, XLSX, PDF and Image formats) | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
| Graph Import (CSV, XLS, XLSX) | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
| Shared Graph Sessions (Collaboration) | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
| Machines (Transform Macros) | โ๏ธ | โ๏ธ | โ๏ธ | N/A |
| Collection Nodes | โ๏ธ | โ๏ธ | โ๏ธ | โ๏ธ |
Technical Details ๐︎
Hardware requirements
- Java 8, 64 bit.
- at least 2GB of RAM, but the more the merrier
- any modern multi-core processor
- 4GB of disk space is more than enough
- a mouse makes navigating Maltego graphs easy and convenient
Network requirements
- internet access to use all functionalities
- the client will need to make outgoing connections on the following ports: 80, 443, 8081. Additionally, port 5222 is needed to join shared graphs on Patervaโs public Comms server.
- A Maltego client may need to make connections to additional ports if transforms from 3rd party vendors are used.
Maltego Servers ๐︎
As regards the backend infrastructure that takes care of the data queries, we offer different server solutions. In this way, customers can choose the appropriate infrastructure to meet their infrastructural requirements.
By default, data queries for all versions of the Maltego Desktop Client travel via the public, commercial Maltego Transform Servers. Additionally, we offer the ability to deploy Maltego’s capabilities within your own network with our on-premise servers. With that, customers can host Maltego on-premise and run analyses in their own controlled environment. Additionally, an internal server offers the ability to integrate internal data, leverage internal processes, and distribute Transforms across the organization. To date, we offer three different server products:
CTAS (Commercial Transform Application Server)
CTAS is a copy of the Maltego commercial Transform server and comes with all default Maltego OSINT Transforms. With CTAS, all Maltego functionalities can be used within the own secured network. You can even use your own API keys for some services to unlock unlimited access.iTDS (Internal Transform Distribution Server)
The iTDS is designed for users who want to integrate own data into Maltego by building custom Transforms. iTDS enables users to link internal data sources to Maltego and allows distributed team members to use them โ while always remaining in control of where the data goes. The iTDS is configured and managed using a web-interface.COMMS (Internal Transform Distribution Server)
Out of the box, Maltego supports real-time collaboration between investigators via the Internet. With the COMMs server, this functionality can be deployed in-house if there is a preference that all information flows stay within the organizationโs infrastructure.
Access Data Sources via the Maltego Transform Hub ๐︎
The Maltego Transform Hub displays all data integrations from public repositories (OSINT) or commercial vendors that come with predefined Transforms โ meaning that Maltego users can integrate them with only a few clicks. The Transform Hub is easily accessible via the Maltego Desktop Client. To date, we offer data integrations from over 30 partners and a library of hundreds of predefined Transforms. With some programming knowledge, you can also add almost any data source to Maltego by using the Transform Development Toolkit, which allows you to write your own Transform Server.