ThreatQ Supported
ThreatQ On-Prem Connector for Microsoft Exchange
The ThreatQ On-Prem Connector for Microsoft Exchange is a unidirectional integration that integrates directly with the Microsoft Exchange mail server. The connector enables the ingestion of emails and attachments into ThreatQ and supports parsing emails and attachments as well as forwarded emails (spearphishing).
Version
1.1.1Categories
Enrichment & Analysis,Email
CDF for Microsoft Interflow Bing Malicious URLs
The ThreatQ CDF for Microsoft Interflow Bing Malicious URLs downloads URLs identified as malicious by Microsoft Bing. The URLs and their corresponding Destination IP addresses are then imported into your ThreatQ instance and related to one another.
Version
1.1.1Categories
Commercial Intelligence
Connector for Microsoft CTIP Hourly Summary
The ThreatQ Connector for Microsoft CTIP Hourly Summary allows a user to ingest indicators from Microsoft’s CTIP Infected Summary Hourly feed. This integration grabs the latest infected summary feed file, and uploads the malware and related indicators to ThreatQ.
Version
1.1.0Categories
Open Source Intelligence
Connector for Microsoft CTIP Daily Summary
The ThreatQ Connector for Microsoft CTIP Daily Summary provides you with the ability to ingest indicators from Microsoft’s CTIP Infected Summary Daily feed. The connector retrieves the latest infected summary feed file and uploads the malware and related indicators to the ThreatQ platform.
Version
1.0.0Categories
Open Source Intelligence
ThreatQ Connector for Microsoft CTIP Domains
The ThreatQ Connector for Microsoft CTIP Domains provides you with the ability to ingest indicators from Microsoft’s CTIP Domains feed. The integration obtains the latest domains file file, and uploads the malware and related indicators to ThreatQ.
