The ThreatQ STIX 2.1 Export Action enables teams to export threat intelligence from the ThreatQ platform in the STIX 2.1 standard format for use in downstream tools, partner sharing, and broader intelligence workflows. By packaging data in a widely adopted, structured, and consistent schema, this action helps streamline automation, improve interoperability across systems, and support more effective collaboration for threat detection and response.

The integration provides the following action:

• ThreatQ - Export STIX 2.1 Indicators - exports threat intelligence data from ThreatQ in the STIX 2.1 format to a specified TAXII collection within an API root.

The integration is compatible with indicator objects and does not enrich or ingest additional system objects into ThreatQ.

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.