The SOCRadar CDF allows ThreatQ users to pull in data, such as feeds, leaks, alarms, and vulnerabilities, from SOCRadar’s API.

SOCRadar is an Extended Threat Intelligence (XTI) tool that is enriched with External Attack Surface Management and Digital Risk Protection. SOCRadar’s XTI product combines External Attack Surface Management, Digital Risk Protection, and Cyber Threat Intelligence modules to improve your security posture.

The integration provides the following feeds:

• SOCRadar Threat Feed - ingests indicators from SOCRadar’s Threat Feeds.
• SOCRadar Leaks - ingests leaked credentials for identities within your organization’s SOCRadar tenant.
• SOCRadar Alarms - ingests alarms from your organization’s SOCRadar tenant.
• SOCRadar Vulnerabilities - ingests vulnerabilities related to your organization’s assets, tracked in your SOCRadar tenant.

The integration ingests the following system object types:

• Assets
• Events
• Identities
• Indicators
• Vulnerabilities