Document toolboxDocument toolbox

Threat Intelligence

Owned by Juan Tomás Alonso Nieto (Deactivated)
May 08, 2023
2 min read

This group includes tags that start with the level threatintel. These tags identify data generated by threat intelligence tools.

Company

Product/Service

Data tables

Company

Product/Service

Data tables

Bandura ThreatBlockr

  • threatintel.bandura.threatblockr.dnslog 

  • threatintel.bandura.threatblockr.dnsresplog

  • threatintel.bandura.threatblockr.packetlog

More information

AlienVault OTX (Open Threat eXchange)

  • threatintel.alienvault_otx.pulses.indicators 

More information

 

ThreatQ

  • threatintel.threatquotient.platform.anonymization.1.json

  • threatintel.threatquotient.platform.commandandcontrol.1.json

  • threatintel.threatquotient.platform.logincompromise.1.json

  • threatintel.threatquotient.platform.userdefined.1.json

  • threatintel.threatquotient.platform.compromisedpkicertificate.1.json

  • threatintel.threatquotient.platform.wateringhole.1.json

  • threatintel.threatquotient.platform.watchlist.1.json

  • threatintel.threatquotient.platform.incident.1.json

  • threatintel.threatquotient.platform.exfiltration.1.json

  • threatintel.threatquotient.platform.spearphish.1.json

  • threatintel.threatquotient.platform.sighting.1.json

  • threatintel.threatquotient.platform.hostcharacteristics.1.json

  • threatintel.threatquotient.platform.sqlinjectionattack.1.json

  • threatintel.threatquotient.platform.dosattack.1.json

  • threatintel.threatquotient.platform.malware.1.json

More information

 

SOCRadar

  • threatintel.socradar.xti.audit_logs

  • threatintel.socradar.xti.incidents

  • threatintel.socradar.xti.threat_feed

More information

 

Flashpoint

  • threatintel.flashpoint.intelligence.alerts

More information