The Abnormal Security CDF enables analysts to automatically ingest their Abnormal Security Cases & Threats into ThreatQ.

The integration provides the following feeds:

• Abnormal Security - Cases - ingests cases from Abnormal Security and creates incidents in ThreatQ
• Abnormal Security - Threats - ingests threats from Abnormal Security and creates incidents in ThreatQ

The integration ingests the following system objects:

• Incidents
• Events
• Identities
• Indicators