The TeamT5 ThreatVision Action Bundle enables the automatic extraction of FQDNs (or IP Addresses) from URLs within your Threat Library.

The integration provides the following actions:

• TeamT5 ThreatVision - ITM Enrichment - uses the TeamT5 ThreatVision’s ITM API to fetch enrichment for network indicators (IPs & Domains).
• TeamT5 ThreatVision - Sample Enrichment - uses the TeamT5 ThreatVision’s Sample API to fetch enrichment for file indicators (MD5, SHA1, SHA256).

The action is compatible with the following indicator types:

• IP Address
• FQDN
• URL
• MD5
• SHA-1
• SHA-256

The action returns the following enriched indicator types:

• IP Address
• FQDN
• URL
• MD5
• SHA-1
• SHA-256

Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.