Microsoft Azure Sentinel Incidents CDF

Sentinel is a project of Microsoft Azure with the goal of alerting SOCs to potential compromise. The Microsoft Azure Sentinel Incidents CDF retrieves those incidents.

Version

1.2.1

Categories

Enrichment & Analysis

Shodan Operation

The Shodan Operation for ThreatQuotient enables a user to query Shodan for contextual information about FQDNs and IP addresses.

Version

2.1.0

Categories

Enrichment & Analysis, Open Source Intelligence

McAfee MVISION Operation

The McAfee MVISION Operation for ThreatQ enables analysts to fetch enrichment context from Insights as well as perform actions on their hosts, such as adding or removing tags.

Version

1.0.1

Categories

Enrichment & Analysis

Check Point Reputation Operation

Enriches ThreatQ indicators with context obtained from the Check Point Reputation API.

Version

1.0.0

Categories

Enrichment & Analysis

VirusTotal Operation

The ThreatQuotient for VirusTotal Operation provides context in the form of attributes and indicator

Version

2.3.0

Categories

Enrichment & Analysis

The Media Trust

A threat feed, DTI provides real-time, actionable intelligence that is 100% derived from The Media T

Version

1.1.0

Categories

Commercial Intelligence

CORTEX XSOAR Integration for ThreatQ

XSOAR is a security automation and orchestration platform that integrates with ThreatQ

Version

1.X.X

Categories

Orchestration

RSA NetWitness Incidents CDF

The RSA NetWitness CDF for ThreatQuotient enables ThreatQ to automatically ingest incidents and their related indicators from RSA NetWitness.

Version

1.1.1

Categories

Enrichment & Analysis

Maltego Transforms for ThreatQ - Mac

Enables Mac users of Maltego to query ThreatQ for information on elements within Maltego.

Version

1.0.0-7

Categories

Enrichment & Analysis

Bulk CSV Exporter

The ThreatQuotient for Bulk CSV Exporter Connector allows a ThreatQ user to export a saved search fr

Version

1.1.0

Categories

Enrichment & Analysis

Accenture CTI

Accenture CTI delivers contextual security intelligence enabling businesses and governments to better defend against threats

Version

1.0.0

Categories

Commercial Intelligence

Symantec Endpoint Protection Connector

This is a custom connector for a Symantec Endpoint Protection instance. It is meant to attach to a single Symantec Endpoint Protection instance. Its purpose is to send MD5 hashes in saved searches from ThreatQ into Symantec Endpoint Protection as a single user-specified file fingerprint list.

Version

1.0.0

Categories

Commercial Intelligence, EDR

Infoblox Threat Intelligence Data Exchange (TIDE)

Threat feed to download lookalike FQDN indicators from the Infoblox TIDE database and ingest them into ThreatQ.

Version

1.1.0

Categories

Commercial Intelligence

Siemplify

The Siemplify integration for ThreatQ uses threat data in ThreatQ to enrich the Siemplify platform.

Version

1.0

Categories

Orchestration

AlienVault OTX

The world’s largest open threat intelligence community that enables collaborative defense with actio

Version

2.0.0

Categories

Open Source Intelligence

Farsight Security Operation

Joint solution of ThreatQ and Farsight Security allows organizations to quickly enrich threat data

Version

1.0.4

Categories

Enrichment & Analysis

NCFTA Malware

The ThreatQuotient for NCFTA Malware Application is a Uni-directional connector pulling information

Version

1.2.2

Categories

Open Source Intelligence, Commercial Intelligence

Okta CDF

The Okta CDF for ThreatQ enables analysts to automatically pull a list of users (and their identity information) from Okta into ThreatQ.

Version

1.0.1

Categories

Enrichment & Analysis

GreyNoise Community Operation

The GreyNoise Community Operation provides you with the ability to query information about an IP address from GreyNoise’s Community API.

Version

1.0.0

Categories

Open Source Intelligence

Reversing Labs

This integration ingests YARA signatures (A1000) and information associated with matched malware samples.

Version

1.0.0

Categories

Commercial Intelligence