The Securonix Operation enables ThreatQ to enrich platform objects with sighting and activity data sourced from the Securonix SNYPR SIEM. Through its Lookup capability, the operation queries the Securonix Activity Index to retrieve relevant intelligence and correlate observed activity with existing ThreatQ objects.

The integration provides the following action:

• Lookup - enriches ThreatQ objects with intelligence from the Securonix Activity Index.

The integration is compatible with the following object types:

• Assets
• Identities
• Indicators
  • Email Address
  • File Path
  • File Name
  • FQDN
  • IP Address
  • IPv6 Address
  • MD5
  • SHA-1
  • SHA-256
  • SHA-384
  • SHA-512
  • URL
  • Username