Reversing Labs

This integration ingests YARA Signatures(A 1000) and information associated with matched malware samples.

Version

1.0.0

Categories

Commercial Intelligence

McAfee AR Operation

This operation enables analysts to query a McAfee Active Response instance for IP addresses and Hashes (MD5, SHA-1 and SHA-256). The search is done via a McAfee ePO. Any search results can be added as related indicators and/or attributes to the enriched indicator.

Version

2.0.3

Categories

Enrichment & Analysis

Sixgill DarkFeed

Sixgill's premium underground intelligence collection capabilities, real-time collection and advanced warning about IOCs to help you keep your edge against unknown threats

Version

1.0.2

Categories

Commercial Intelligence

McAfee TIE Connector

The integration will pull the indicator hashes from the ThreatQ Threat Library and push them to the TIE Server

Version

1.3.2

Categories

Orchestration

AVI iWAF Connector

The AVi WAF for ThreatQuotient integration uploads IPv4 address IoC’s to the AVi WAF to provide cyber threat intelligence context on potentially bad clients.

Version

1.0.1

Categories

Commercial Intelligence

ServiceNow App

ThreatQ ServiceNow App.

Version

1.0.9

Categories

Commercial Intelligence

Kaspersky COVID

Kaspersky COVID Open Source Feed

Version

1.0.0

Categories

Open Source Intelligence

Digital Element NetAcuity

Enrichment operation to geolocate and provide network information for IP addresses from the NetAcuity database.

Version

1.0.0

Categories

Enrichment & Analysis

McAfee TIE Reputation Change Connector

McAfee TIE Reputation Change Connector

Version

1.1.0

Categories

Enrichment & Analysis

Risk IQ Passive Total Operation

The Passive Total connector retrieves data from RiskIQ Community API.

Version

2.2.3

Categories

Enrichment & Analysis

Palo Alto Networks Autofocus Threat Intelligence

The ThreatQuotient for AutoFocus integration is a unidirectional connector that pulls information fr

Version

2.0

Categories

Commercial Intelligence

Phishtank

PhishTank is a free community site where anyone can submit, verify, track and share phishing data.

Version

2.0.0

Categories

Open Source Intelligence

Flashpoint CVE

Integration Ingests Vulnerabilities (CVEs) and its Related Objects.

Version

1.1.0

Categories

Commercial Intelligence

IronNet Connector

The IronNet custom connector ingests alerts and IoCs from an IronNet IronDefense appliance into ThreatQ as events. The user can also change the status of the events in ThreatQ, the change will be synced back to the IronNet appliance. The connector pulls alerts based on a date and severity score range.

Version

1.0.2

Categories

Commercial Intelligence

Elastic Stack

ThreatQ Elastic stack integration.

Version

2.1.3

Categories

SIEM & Log

Best Practical Request Tracker for IR (RTIR)

The ThreatQuotient for Request Tracker connector ensures that Request Tracker tickets that have been

Version

2.1.0

Categories

Ticketing

Hybrid Analysis Sandbox

The Hybrid Analysis Operation for ThreatQ enables a ThreatQ user to submit samples to be detonated in the Hybrid Analysis sandbox, as well as fetch reports for samples.

Version

1.0.0

Categories

Enrichment & Analysis

Bulk CSV Exporter

The ThreatQuotient for Bulk CSV Exporter Connector allows a ThreatQ user to export a saved search fr

Version

1.1.0

Categories

Enrichment & Analysis

Dragos

Dragos integration for ThreatQ

Version

1.0.0

Categories

Commercial Intelligence

Symantec Threat Intelligence

ThreatQ's Symantec Threat intelligence operation.

Version

1.0.0

Categories

Enrichment & Analysis