• Last Updated
    Dec 19, 2023
  • Version
    1.0.1
  • Compatibility
    ThreatQ versions >= 4.25.0
  • Blueliv CTI Intelligence

    Overview

    The Blueliv Intelligence integration for ThreatQ allows a user to ingest Blueliv's cyber threat intelligence from their v1 API

    Supported CTI feeds:

    • Bot IPs
    • Crimeservers
    • Attacking IPs
    • Malware

    Blueliv provides automated, real-time threat intelligence data, ultimately streamlining the delivery of valuable data into ThreatQ for analysis and correlation with network events.

    Pairing Blueliv’s confidence level with ThreatQ’s Scoring System helps analysts reduce the noise and identify relevant events more quickly.

    • Blueliv’s attack feed provides targeted information, making it easier to find, mitigate and contain the attack.
    • Importing IP and FQDN indicators associated with botnets and crime servers
    • Ingesting hashes and attributes indicating the type, family, architecture and confidence of the malware
    • Creating relationships between related IPs, hashes and FQDNs

    About Blueliv

    Blueliv is a leading provider of targeted cyber threat information and analysis intelligence for large enterprises, service providers and security vendors. Its cyber threat platform and feed addresses a comprehensive range of cyber threats to turn global threat data into predictive, actionable intelligence that detects, identifies and helps stop cyber threats. Blueliv’s clients include leading bank, insurance, telecom, utility and retail enterprises in Europe, and the company has alliances with leading security vendors and other organizations to share cyber intelligence. 

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy