Browse Apps
Integration Documentation
  • Last Updated
    Nov 20, 2024
  • Version
    1.0.0

    • Group-IB Action

    ThreatQuotient

    Overview

    The integration provides the following action:
    • GroupIB Enrichment - queries indicators contained in a threat-library against GroupIB collections and enriches them with the returned data.
    The action is compatible with the following indicator object types:
    • CVE
    • Email Address
    • File Path
    • Filename
    • FQDN
    • IP Address
    • MD5
    • SHA-1
    • SHA-256
    • Username
    The action returns the following enriched system objects:
    • Adversaries
    • Asset
    • Compromised Accounts
    • Compromised Cards
    • Identities
    • IMEI
    • Indicators
    • Malware
    • Money Mule
    • Organizations
    • Reports
    Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.

     

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy