ThreatQ Marketplace – Integrations to improve your workflow

Select Category
All Categories
Enrichment & Analysis
Intel Feeds
Commercial Intelligence
Open Source Intelligence
AI
Orchestration
SIEM & Log
Ticketing
EDR
Sandbox
Threat Prevention
Library
Network Management
Vulnerability Management

CrowdStrike Falcon Intelligence CDF

CrowdStrike is a cybersecurity technology firm pioneering cloud-delivered next-generation endpoint protection and services. The CrowdStrike Falcon platform stops breaches by preventing, detecting, and responding to all attack types, at every stage – even malware-free intrusions.

Version

3.5.2

Categories

Commercial Intelligence

ThreatQ Supported

Proofpoint Emerging Threats Intelligence

Enhance your security tools with more visibility, research and fewer false positives.

Version

2.1.1

Categories

Commercial Intelligence

ThreatQ Supported

Cofense Intelligence

Cofense Intelligence enables you to normalize, relate, enrich and track phishing threats.

Version

1.0.7

Categories

Commercial Intelligence

ThreatQ Supported

Recorded Future

Cut out laborious manual collection and get more context than threat feeds alone.

Version

2.12.1

Categories

Commercial Intelligence

ThreatQ Supported

National Vulnerability Database (NVD)

This integration ingests CVE data from the National Vulnerability Database.

Version

3.0.4

Categories

Open Source Intelligence

ThreatQ Supported

AlienVault OTX

The world’s largest open threat intelligence community that enables collaborative defense with actio

Version

2.0.1

Categories

Open Source Intelligence

ThreatQ Supported

abuse.ch Intelligence

Intelligence for fighting malware

Version

1.6.0

Categories

Open Source Intelligence

ThreatQ Supported

Trellix (McAfee) TIE Connector

The integration will pull the indicator hashes from the ThreatQ Threat Library and push them to the TIE Server

Version

1.4.1

Categories

Orchestration

ThreatQ Supported

Bambenek Consulting Intelligence

Threat Intelligence focused on tackling major criminal threats.

Version

2.1.4

Categories

Commercial Intelligence

ThreatQ Supported

Best Practical Request Tracker for IR (RTIR)

The ThreatQuotient for Request Tracker connector ensures that Request Tracker tickets that have been

Version

2.1.0

Categories

Ticketing

ThreatQ Supported

Phishtank

PhishTank is a free community site where anyone can submit, verify, track and share phishing data.

Version

2.1.0

Categories

Open Source Intelligence

ThreatQ Supported

ThreatQ App for IBM QRadar

The application allows IBM QRadar to ingest ThreatQ indicators of compromise (IoCs) into references

Categories

SIEM & Log

ThreatQ Supported

Trellix (McAfee) TIE Operation

The Trellix (formerly McAfee) TIE operation can query the TIE server for indicator enrichment information

Version

1.3.0

Categories

Enrichment & Analysis

ThreatQ Supported

Malware Patrol Intelligence

This Malware Patrol Connector ingests threat intelligence data from seven Malware Patrol feeds. The

Version

2.0.1

Categories

Commercial Intelligence

ThreatQ Supported

Cisco Threat Grid

The Cisco Threat Grid CDF is a sandbox which allows the detonation of samples to generate analysis reports. The Cisco Threat Grid CDF for ThreatQ enables a user to ingest their organization’s sample analysis reports from Threat Grid. These samples can be filtered down by their threat score, so you are able to ingest only the detonations that your organization deems important to track.

Version

1.1.0

Categories

Commercial Intelligence,Sandbox

ThreatQ Supported

Splunk Phantom Operation

The Phantom App for ThreatQ enables customers to use the ThreatQ Threat LibraryTM as a customized en

Version

2.1.0

Categories

Orchestration

ThreatQ Supported

MISP Import CDF

A uni-directional connector which imports MISP events, adversaries, indicators, galaxies etc.

Version

2.4.1

Categories

Enrichment & Analysis

ThreatQ Supported

D3 Security

For security teams to successfully filter through a non-stop stream of alerts and identify the real

Categories

Orchestration

Developer Supported

DomainTools Operation

The ThreatQuotient for DomainTools Operation provides context in the form of attributes and indicato

Version

3.0.0

Categories

Enrichment & Analysis

ThreatQ Supported

Flashpoint Ignite CDF

The Flashpoint Ignite CDF delivers actionable threat intelligence in the form of compromised Adversaries, Attack Patterns, Compromised Cards, Events, Indicators, Malware, Reports and Vulnerabilities.

Version

3.3.6

Categories

Commercial Intelligence

ThreatQ Supported

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24