The Intel 471 Reports Action Bundle integration enriches ThreatQ objects with threat intelligence reports from the feeds published by Intel 471.

The integration provides the following actions:

• Intel 471 Reports Enrichment - queries data against Intel 471 Reports.
• Intel 471 Breach Alerts Enrichment - queries data against Intel 471 Breach Alerts.
• Intel 471 Spot Reports Enrichment - queries data against Intel 471 Spot Reports.

The actions are compatible with the following object types:

• Adversary
• Indicator
• Malware

The actions return the following enriched system objects:

• Adversary
• Attack Pattern
• Indicator
• Malware
• Report

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.