The AlienVault OTX action enables the automatic enrichment of IOCs using AlienVault OTX

The action can perform the following function:

• AlienVault OTX - Performs IOC lookups in AlienVault for enrichment and fetches file analysis context.

The action is compatible with the following indicator types:

• IP Address
• IPv6 Address
• FQDN
• MD5
• SHA-1
• SHA-256
• SHA-384
• SHA-512
• URL
• CVE

The action returns the following enriched system objects:

• Indicators
  • Indicator Attributes
• Adversaries
• Tags

Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.