
Aug 29, 2025
1.0.0
ThreatQ versions >= 5.12.1
Trellix Helix Action
Overview
The Trellix Helix Action for ThreatQ enables the automatic dissemination of malicious IOCs to a Trellix Helix Intel Matching List.
The following action is included:
- Trellix Helix - IOC Export - Exports IOCs to a Trellix Helix list.
The action is compatible with the following indicator types:
- IP Address
- IPv6 Address
- FQDN
- Email Address
- MD5
- SHA-1
The action returns enriched indicator system objects.
Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.