The Flashpoint Ignite Action integration enriches indicators ingested by the FlashPoint Ignite CDF. The action uses the Flashpoint ID to retrieve details and relates attack patterns and sighted related indicators based on user configuration.

The integration provides the following actions:

• Flashpoint Ignite - IOC Enrichment - enriches Flashpoint Ignite indicators with attack patterns and sighted related indicators.

The action is compatible with the following indicator types:

• FQDN
• IP Address
• MD5
• SHA-1
• SHA-256
• URL

The action returns the following enriched system objects:

• Indicators
• Indicator Attributes
• Attack Patterns

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.