Cisco Threat Response (SecureX) - Exporter

Overview

The Cisco Threat Response Exporter for ThreatQ allows a ThreatQ user to export indicator/observable judgements from ThreatQ to Cisco Threat Response via the Cisco Threat Intelligence API (CTIA)

Notes : 

  • Due to an API limitation, the CTIA (Cisco Threat Intelligence API) will only allow TLP amber and/or red. As a result, all indicators being sent over to Cisco AMP will receive an Amber TLP (unless TLP red is applied in ThreatQ)
  • This integration will push judgements to your organization's private instance. This will not publish information to Cisco's public sources

Checkout :

  • Cisco Threat Response (SecureX) Enrichment & 
  • Cisco Threat Response (SecureX) Operation

https://helpcenter.threatq.com/Content/Resources/Videos/demo/Cisco_Threat_Response.mp4

What's New

Version: 1.1.1

Download

Version: 1.0.0

Download