
Apr 15, 2024
1.1.1
ThreatQ versions >= 4.34
Cisco Threat Response (CiscoXDR) - Exporter
Overview
The Cisco Threat Response Exporter for ThreatQ allows a ThreatQ user to export indicator/observable judgements from ThreatQ to Cisco Threat Response via the Cisco Threat Intelligence API (CTIA).
Notes:
- Due to an API limitation, the CTIA (Cisco Threat Intelligence API) only accepts TLP amber and/or red. As a result, all indicators sent to Cisco AMP receive an Amber TLP (unless TLP red is applied in ThreatQ).
- This integration pushes judgements to your organization's private instance. It does not publish information to Cisco's public sources.
Check out:
- Cisco Threat Response (CiscoXDR) Enrichment
- Cisco Threat Response (CiscoXDR) Operation
https://helpcenter.threatq.com/Content/Resources/Videos/demo/Cisco_Threat_Response.mp4