ThreatQ platform has taken a threat-centric approach to security operations. This approach allows security teams to prioritize based on threat and risk, collaborate across teams, automate actions and workflows, and integrate point products into a single security infrastructure.
ThreatQ Open Exchange includes a Configuration Driven Feed (CDF), Software Development Kit (SDK), easy-to-use Application Programming Interface (API) and a comprehensive set of industry-standard interfaces to fully integrate with the equipment, tools, technologies, people, organizations and processes that protect your business.
Loginsoft developed an Integration App to ingest Threat Intelligence Feed into the ThreatQ platform. Integration App is developed using ThreatQ's Open Exchange Framework that allows building a powerful and robust definitions to ingest Threat Intelligence data from a Feed Provider.
Integration Highlights:
2. Submit Integration for Approval:
Integration is submitted to ThreatQuotient’s Engineering team for approval. This includes providing Feed Details, Publisher, Feed Type (Commercial or Open Source Intelligence), Vendor Logo, YAML file and User Manual
Here is a look inside the ThreatQ platform with the Threat Intelligence Feed added.
Sample screen that shows ThreatQ’s Threat Library (like Adversaries, Attack Patterns, Campaigns, Indicators, Intrusion Sets, Malware, Signatures, TTPs and Vulnerabilities etc.).
Sample IP Address Indicator with Attributes.
IN-HOUSE EXPERTISE
Get practical solutions to real-world challenges, straight from experts who conquered them.
View all our articles