Tenable.io Operation

The ThreatQuotient for Tenable.io Operation queries Tenable.io for vulnerable hosts in an organizati

Version

1.1.0

Categories

Vulnerability Management

Rapid7 insightVM Operation

The ThreatQuotient for Rapid7 insightVM Operation allows a ThreatQ user to execute two CVE actions o

Version

1.1.0

Categories

Enrichment & Analysis, Vulnerability Management

McAfee ATD Connector

McAfee ATD Connector for TQ.

Version

1.1.0

Categories

Commercial Intelligence, Threat Prevention

SentinelOne

The SentinelOne CDF for ThreatQ allows users to automatically ingest incidents and vulnerable app reports into ThreatQ.

Version

1.0.0

Categories

Network Management, Threat Prevention

VMware Carbon Black Response EDR Operation

Integration for Enrichment and Analysis with the EDR

Version

1.2.1

Categories

Enrichment & Analysis, EDR

Bulk Apply Attributes

The Bulk Apply Attributes connector allows a ThreatQ user to apply attributes (with a custom source/TLP) to any objects in a data collection.

Version

1.1.0

Categories

Commercial Intelligence

McAfee ATLAS CDF

Threat intelligence feed that ingests IP, FQDN, URL, Malware, Hashes, and Campaigns from the McAfee ATLAS data. The data is exported in JSON files, transferred to ThreatQ and imported by the feed.

Version

1.1.0

Categories

Commercial Intelligence

ThreatQ Chrome Extension

A Chrome Extension to give an analyst integration capabilities on any browser page, with ThreatQ

Version

1.0.0

Categories

Enrichment & Analysis

Splunk Phantom Operation

The Phantom App for ThreatQ enables customers to use the ThreatQ Threat Library™ as a customized en

Version

2.1.0

Categories

Orchestration

Spamhaus ZEN Operation

The Spamhaus ZEN Operation queries IP addresses and domains against the ZEN blocklist.

Version

1.0.0

Categories

Enrichment & Analysis

Digital Shadows Intelligence CDF

Ingest private and public incidents, as well as public threats from Digital Shadows

Version

1.1.0

Categories

Commercial Intelligence

Cyjax

The Cyjax for ThreatQ integration allows users to ingest incident reports and indicators of compromise from incidents and honeypots.

Version

1.0.0

Categories

Commercial Intelligence

MWDB CERT Polska CDF

The MWDB CERT Polska feed ingests malware information (hashes, related IoCs) from CERT Polska's MWDB. Malware families are ingested as malware objects and related to corresponding hash IoCs. The user also has the option to ingest/download the corresponding files.

Version

1.0.1

Categories

Commercial Intelligence, Enrichment & Analysis

Celerium (NC4 Soltra) Edge Connector

The Celerium (NC4 Soltra) Edge Connector for ThreatQ enables a ThreatQ user to export STIX 1.X objects to their Celerium Edge instance.

Version

2.0.0

Categories

Commercial Intelligence

Censys Operation

Enriches ThreatQ system objects with context obtained from the Censys API.

Version

1.0.0

Categories

Enrichment & Analysis, Commercial Intelligence

Joe Sandbox Operation

The ThreatQuotient for Joe Sandbox Operation provides context in the form of attributes and indicato

Version

1.1.1

Categories

Enrichment & Analysis, Sandbox

MultiProxy Anonymous Proxy List

Multiproxy Anonymous Proxy List is an open source intelligence feed that provides a list of anonymou

Version

1.0.0

Categories

Open Source Intelligence

Infoblox BloxOne Connector

The Infoblox BloxOne Connector for ThreatQ provides you with the ability to upload IP Address, FQDN, and CIDR Block Indicator types to a Custom List in Infoblox BloxOne.

Version

1.0.0

Categories

Threat Prevention

Microsoft COVID-19 Threat Indicators

Microsoft open-sourcing new COVID-19 threat intelligence

Version

1.0.0

Categories

Open Source Intelligence

Recorded Future

Cut out laborious manual collection and get more context than threat feeds alone, all updated in rea

Version

2.6.1

Categories

Commercial Intelligence