• Sandbox

  • All Categories

  • Enrichment & Analysis

  • Intel Feeds
    • Commercial Intelligence
    • Open Source Intelligence

  • AI

  • Orchestration

  • SIEM & Log

  • Ticketing

  • EDR

  • Sandbox

  • Threat Prevention

  • Library

  • Network Management

  • Vulnerability Management

Sort by

Popular Newest Recently Updated A-Z Z-A

Back

Cisco Threat Grid

The Cisco Threat Grid CDF is a sandbox which allows the detonation of samples to generate analysis reports. The Cisco Threat Grid CDF for ThreatQ enables a user to ingest their organization’s sample analysis reports from Threat Grid. These samples can be filtered down by their threat score, so you are able to ingest only the detonations that your organization deems important to track.

Version

1.1.0

Categories

Commercial Intelligence,Sandbox

Download

ThreatQ Supported

CrowdStrike Falcon X Sandbox Feed

The Falcon Sandbox feed pulls reports for submitted files from Crowdstrike's Falcon Sandbox service

Version

1.1.2

Categories

Enrichment & Analysis,Commercial Intelligence,Sandbox

Download

ThreatQ Supported

CrowdStrike Falcon X Sandbox Operation

The Falcon X Sandbox operation submits files to the Falcon X Sandbox for analysis and fetches detonation reports. To ingest reports from Falcon X Sandbox, install the Falcon X Sandbox feed integration available on the ThreatQ Marketplace.

Version

1.1.1

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

Joe Sandbox Operation

The ThreatQuotient for Joe Sandbox Operation provides context in the form of attributes and indicato

Version

1.1.1

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

Cisco Threat Grid Operation

The ThreatQuotient for Threat Grid Operation gives users the ability to submit files, URLs, and doma

Version

1.2.2

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

Cuckoo Sandbox Operation

The ThreatQuotient for Cuckoo Operation allows a ThreatQ user to submit files and FQDNs/URLs to thei

Version

1.0.0

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

Zscaler Sandbox Operation

The ThreatQuotient for Zscaler Sandbox Operation runs and analyzes files in a virtual environment to

Version

1.1.0

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

Hybrid Analysis Sandbox

The Hybrid Analysis Operation for ThreatQ enables a ThreatQ user to submit samples to be detonated in the Hybrid Analysis sandbox, as well as fetch reports for samples.

Version

1.1.1

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

VMRay Operation

Automates the submission of files and URLs for analysis.

Version

1.2.0

Categories

Enrichment & Analysis,Sandbox

Download

ThreatQ Supported

VMRay Feed

Brings back precise and actionable results from the sandbox

Version

1.1.2

Categories

Commercial Intelligence,Sandbox

Download

ThreatQ Supported

PolySwarm Operation

The PolySwarm Operation for ThreatQ enables analysts to interact with PolySwarm by performing scans on files/URLs, enriching indicators, submitting YARA rules, and more.

Version

1.0.0

Categories

Sandbox

Download

Not Supported

Broadcom Content Analysis and Sandboxing Operation

The Broadcom Content Analysis and Sandboxing operation enriches ThreatQ indicators with context obtained from the Symantec Threat Intelligence API.

Version

1.0.0

Categories

Sandbox

Download

ThreatQ Supported

Trend Micro Deep Security Connector

The Trend Micro Deep Security connector is designed to export data collections comprised of IPv4 and IPv6 Addresses from ThreatQ to Trend Micro Deep Security. These data collections are accepted as IP Lists within Trend Micro, and are typically used for policies.

Version

1.0.0

Categories

Sandbox

Download

ThreatQ Supported