• Last Updated
    Jun 21, 2023
  • Version
    1.0.0
  • Compatibility
    ThreatQ version >= 5.12.1
  • AlienVault OTX Action

    ThreatQuotient

    Overview

    The AlienVault OTX action enables the automatic enrichment of IOCs using AlienVault OTX

    The action can perform the following function:

    • AlienVault OTX - Performs IOC lookups in AlienVault for enrichment and fetches file analysis context.

    The action is compatible with the following indicator types:

    • IP Address
    • IPv6 Address
    • FQDN
    • MD5
    • SHA-1
    • SHA-256
    • SHA-384
    • SHA-512
    • URL
    • CVE

    The action returns the following enriched system objects:

    • Indicators
      • Indicator Attributes
    • Adversaries
    • Tags

    Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.

     

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy