
Jun 21, 2023
1.0.0
ThreatQ version >= 5.12.1
AlienVault OTX Action
Overview
The AlienVault OTX action enables the automatic enrichment of IOCs using AlienVault OTX
The action can perform the following function:
- AlienVault OTX - Performs IOC lookups in AlienVault for enrichment and fetches file analysis context.
The action is compatible with the following indicator types:
- IP Address
- IPv6 Address
- FQDN
- MD5
- SHA-1
- SHA-256
- SHA-384
- SHA-512
- URL
- CVE
The action returns the following enriched system objects:
- Indicators
- Indicator Attributes
- Adversaries
- Tags
Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.