Emerging Threats delivers the most timely and accurate threat intelligence. Our fully verified intel provides deeper context and integrates seamlessly with your security tools to enhance your decision-making.

Connect Emerging Threats with Devo SOAR

1. Navigate to Automations > Integrations.

2. Search for Emerging Threats.

3. Click Details, then the + icon. Enter the required information in the following fields.

4. Label: Enter a connection name.

5. Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.

6. Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).

7. Remote Agent: Run this integration using the Devo SOAR Remote Agent.

8. After you've entered all the details, click Connect.

Actions for Emerging Threats

IP Lookup

Submit an IP address to perform a lookup against Emerging Threat's blacklist.

Input Field

Output

A JSON object containing multiple rows of result:

• result: Identifies the blacklist IPs.

{json}{ "ip": "", "positive_hit": "true" }

Release Notes

• v3.0.0 - Updated architecture to support IO via filesystem

• v2.0.5 - Added documentation link in the automation library.