VMware Carbon Black Cloud Enterprise EDR

Brings in intelligence seen with VMware CB Cloud Enterprise EDR

Version

1.0.1

Categories

Commercial Intelligence

Dragos

Dragos integration for ThreatQ

Version

1.0.0

Categories

Commercial Intelligence
NEW

US-Cert Tips CDF

This integration consumes data provided by the US CERT to notify organizations about threats that exist on the Internet.

Version

2.0.0

Categories

Open Source Intelligence

Proofpoint Emerging Threats Intelligence

Enhance your security tools with more visibility, research and fewer false positives.

Version

2.1.0

Categories

Commercial Intelligence

ZScaler Sandbox Operation

The ThreatQuotient for Zscaler Sandbox Operation runs and analyzes files in a virtual environment to

Version

1.0.0

Categories

Enrichment & Analysis
NEW

SentinelOne Operation

The SentinelOne Operation for ThreatQuotient enables a user to interact with SentinelOne, decreasing the time-to-mitigation for a given threat.

Version

1.0.0

Categories

Enrichment & Analysis
NEW

MWDB CERT Polska CDF

The MWDB CERT Polska feed ingests malware information (hashes, related IoCs) from CERT Polska's MWDB. Malware families are ingested as malware objects and related to corresponding hash IoCs. The user also has the option to ingest/download the corresponding files.

Version

1.0.1

Categories

Commercial Intelligence, Enrichment & Analysis

RSA NetWitness CDF

The RSA NetWitness CDF for ThreatQuotient enables ThreatQ to automatically ingest incidents and their related indicators from RSA NetWitness.

Version

1.0.0

Categories

Enrichment & Analysis

Infoblox Grid

Adds and deletes IOCs (IP Address, FQDN and CIDR Block) to/from Infoblox DNS Response Policy Zone (RPZ). IOCs added to the RPZ are dropped/blocked by the DNS resolver.

Version

1.4.0

Categories

Sensors

McAfee ATD Connector

McAfee ATD Connector for TQ.

Version

1.1.0

Categories

Commercial Intelligence

Accenture iDefense

Accenture iDefense delivers contextual security intelligence enabling businesses and governments to better defend against threats

Version

1.0.0

Categories

Commercial Intelligence

CrowdStrike Falcon X Sandbox Operation

The Falcon X Sandbox operation enriches hash indicators (MD5, SHA-1, or SHA-256) or sends URLs or file

Version

1.1.1

Categories

Enrichment & Analysis

Intel471 Freemium Malware Intelligence

This integration provides a small subset, 3 malware families, of the full Intel 471 Malware feed

Version

1.0.2

Categories

Commercial Intelligence

Joe Sandbox Operation

The ThreatQuotient for Joe Sandbox Operation provides context in the form of attributes and indicato

Version

1.1.1

Categories

Enrichment & Analysis

FireEye HX Exports

The FireEye HX Export Connector for ThreatQ enables the automatic export of IOCs to Indicator Rules in FireEye HX. This connector has the ability to export up to 10,000 IOCs per type (FQDNs, IPs, & MD5s).

Version

1.0.1

Categories

Commercial Intelligence

VMware Carbon Black Cloud Platform Alerts

Allows a user to ingest alerts from their Carbon Black Cloud instance as incidents in ThreatQ.

Version

1.0.3

Categories

Commercial Intelligence

IBM X-Force Exchange Connector

X-Force Exchange Connector is a uni-directional connector that pulls information from collections

Version

1.4.3

Categories

Commercial Intelligence

McAfee TIE Reputation Change Connector

McAfee TIE Reputation Change Connector

Version

1.1.0

Categories

Enrichment & Analysis

MISP Galaxy

Collection of feeds that provide MISP Galaxy Cluster context

Version

1.0.0

Categories

Open Source Intelligence

MISP Export

Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing

Version

1.1.0

Categories

Enrichment & Analysis