ThreatQ Supported
ReversingLabs Operation
The ReversingLabs Operation enriches ThreatQ objects with context obtained from the ReversingLabs API. Once a submission has happened, users can decide to add these attributes to ThreatQ as well as download the original ReversingLabs Summary Report.
Version
1.4.0Categories
Enrichment & Analysis
ReversingLabs Action Bundle
The ReversingLabs Action Bundle enables seamless integration between ThreatQ and ReversingLabs Spectra Analyze, allowing analysts to enrich indicators with advanced threat intelligence and malware analysis data. This bundle automates the enrichment of URLs, FQDNs, and file hashes by submitting supported indicators to the ReversingLabs API and ingesting the resulting classification and contextual analysis back into ThreatQ.