Browse Apps
Integration Documentation
  • Last Updated
    Apr 4, 2024
  • Version
    2.0.0

    • Cisco Umbrella Investigate Operation

    ThreatQuotient

    umbrella.cisco.com/

    Overview

    The Cisco Umbrella Investigate Operation for ThreatQuotient enables a user to enrich indicators in ThreatQ with context from Cisco Umbrella.
    The operation provides the following actions:
    • Enrich - enriches a domain with contextual or historical metadata.
    • Get Samples - retrieves Cisco Threat Grid samples that are related to a given domain, IP, or URL.
    • Reverse WHOIS - retrieves domains related to a given email address.
    • Get Associated Names - retrieves domains related to a given IP Address.
    • Latest Malicious Domains - retrieves a list of malicious domains related to a given IP Address.
    The operation is compatible with the following indicator types:
    • Email Address
    • FQDN
    • IP Address
    • URL

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy