McAfee ATD Connector

McAfee ATD Connector for TQ.

Version

1.1.0

Categories

Commercial Intelligence Threat Prevention

Bulk Apply Attributes

The Bulk Apply Attributes connector allows a ThreatQ user to apply attributes (with a custom source/TLP) to any objects in a data collection.

Version

1.1.0

Categories

Commercial Intelligence

Spamhaus ZEN Operation

The Spamhaus ZEN Operation queries IP addresses and domains against the ZEN blocklist.

Version

1.0.0

Categories

Enrichment & Analysis

FireEye Operation

The ThreatQuotient for FireEye Intelligence Operation gives ThreatQ users the ability to search for indicators in FireEye Intelligence reports.

Version

1.0.0

Categories

Enrichment & Analysis

Checkpoint Sandblast

The Checkpoint Sandblast Operation enables a user to submit files, hashes, and URLs to Checkpoint for analysis. Users can then choose to add these objects to their ThreatQ instance.

Version

1.0.0

Categories

Threat Prevention

VMware Carbon Black Response EDR Operation

Integration for Enrichment and Analysis with the EDR

Version

1.2.1

Categories

Enrichment & Analysis EDR

FireEye AX Operation

The ThreatQuotient for FireEye AX Operation provides a ThreatQ user with the ability to interact wit

Version

1.0.2

Categories

Enrichment & Analysis

ThreatQuotient Add-on for Splunk

The ThreatQuotient Add-On for Splunk

Version

N/A

Categories

SIEM & Log

Microsoft COVID-19 Threat Indicators

Microsoft open-sourcing new COVID-19 threat intelligence

Version

1.0.0

Categories

Open Source Intelligence

ExtraHop Connector

Allows the user to export indicators directly to ExtraHop.

Version

1.2.0

Categories

SIEM & Log

Celerium (NC4 Soltra) Edge Connector

The Celerium (NC4 Soltra) Edge Connector for ThreatQ enables a ThreatQ user to export STIX 1.X objects to their Celerium Edge instance.

Version

2.0.0

Categories

Commercial Intelligence

Censys Operation

Enriches ThreatQ system objects with context obtained from the Censys API.

Version

1.0.0

Categories

Enrichment & Analysis Commercial Intelligence

Intel471 Reports

Returns a list of Information Reports or Fintel Reports matching filter criteria.

Version

1.0.3

Categories

Commercial Intelligence Intelligence Reports

Snort Community Rules

The ThreatQuotient for Snort Community Rules Application downloads and ingests the Snort community r

Version

1.1.1

Categories

Open Source Intelligence

Shodan Operation

The Shodan Operation for ThreatQuotient enables a user to query Shodan contextual information around FQDNs and IP Addresses.

Version

2.1.0

Categories

Enrichment & Analysis Open Source Intelligence

Veris VCDB

The VERIS Community Database (VCDB) is an open and free repository of publicly-reported security incidents.

Version

1.0.0

Categories

Open Source Intelligence

Team Cymru Controller Feed

Team Cymru Controller feed provides visibility into botnets that typically evade monitoring.

Version

1.0.0

Categories

Commercial Intelligence

MITRE ATT@CK CAPEC CDF

The MITRE ATT@CK CAPEC CDF for ThreatQuotient enables the automatic ingestion of Common Attack Pattern Enumerations and Classifications distributed by MITRE.

Version

1.0.0

Categories

Open Source Intelligence Intelligence Reports

Team Cymru Recon Operation

This Operation ingests FQDNs and IP Addresses to the Team Cymru Recon platform. To get the full experience of this operation, please use it in conjunction with the Team Cymru Recon Feed.

Version

1.0.0

Categories

Enrichment & Analysis

ThreatQ App for IBM Resilient

Enables real-time interaction between Resilient and ThreatQ & contextual actions on those artifacts

Version

1.X.X

Categories

Ticketing