The ThreatQ Automated Contextualization Engine (ACE) Action is an action that utilizes the ThreatQ ACE Library to automatically parse context from data within ThreatQ.

The following action is provided:

• ThreatQ ACE - Unstructured Intelligence Parser - automatically parse context from data within ThreatQ.

The action is compatible with the following system object types:

• Malware
• Adversary
• Event
• Campaign
• Incident
• Attachment
• Report
• Tag

The action returns the following enriched system objects:

• Indicator
• Malware
• Adversary
• Attack Pattern
• Vulnerability
• Report
• Incident
• Campaign
• Event
• Attachment

Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.