Document toolboxDocument toolbox

threatintel - Threat Intelligence

This group includes tags that start with the level threatintel. These tags identify data generated by threat intelligence tools.

Company

Product/Service

Data tables

Company

Product/Service

Data tables

-

-

  • threatintel.anomaly.threatstream 

More information

AlienVault OTX (Open Threat eXchange)

  • threatintel.alienvault_otx.pulses.indicators 

More information

ThreatBlockr (formerly Bandura ThreatBlockr)

  • threatintel.bandura.threatblockr.dnslog 

  • threatintel.bandura.threatblockr.dnsresplog

  • threatintel.bandura.threatblockr.packetlog

More information

Cyble Vision

  • threatintel.cyble.vision.alert

More information

Arachni Web Application Security Scanner Framework

  • threatintel.discovery.arachni.scan

More information

Nmap Network Scanner

  • threatintel.discovery.nmap.scan

More information

DomainTools Iris platform

  • threatintel.domaintools.whois

More information

Threat Compass (formerly Blueliv Threat Compass)

  • threatintel.external.blueliv.attackingips

  • threatintel.external.blueliv.credentials

  • threatintel.external.blueliv.credentialsettings

  • threatintel.external.blueliv.crimeservers

  • threatintel.external.blueliv.malware

More information

DNS Changes channel

  • threatintel.farsight.dns.ch212

  • threatintel.farsight.dns.ch213

More information

Flashpoint Platform

  • threatintel.flashpoint.intelligence.alerts

More information

MISP Threat Sharing

  • threatintel.misp.attributenotifications

  • threatintel.misp.attributes

  • threatintel.misp.sighting.attributes

  • threatintel.misp.sighting.logs

More information

SOCRadar's Extended Threat Intelligence

  • threatintel.socradar.xti.audit_logs

  • threatintel.socradar.xti.incidents

  • threatintel.socradar.xti.threat_feed

More information

 

ThreatQ Platform

  • threatintel.threatquotient.platform

  • threatintel.threatquotient.platform.anonymization

  • threatintel.threatquotient.platform.commandandcontrol

  • threatintel.threatquotient.platform.compromisedpkicertificate

  • threatintel.threatquotient.platform.dosattack

  • threatintel.threatquotient.platform.exfiltration

  • threatintel.threatquotient.platform.hostcharacteristics

  • threatintel.threatquotient.platform.incident

  • threatintel.threatquotient.platform.logincompromise

  • threatintel.threatquotient.platform.malware

  • threatintel.threatquotient.platform.sighting

  • threatintel.threatquotient.platform.spearphish

  • threatintel.threatquotient.platform.sqlinjectionattack

  • threatintel.threatquotient.platform.userdefined

  • threatintel.threatquotient.platform.watchlist

  • threatintel.threatquotient.platform.wateringhole

More information

Anomali ThreatStream Threat Intelligence Management

  • threatintel.threatstream

  • threatintel.threatstream.domain

  • threatintel.threatstream.email

  • threatintel.threatstream.ioccountbyhour

  • threatintel.threatstream.ip

  • threatintel.threatstream.itypes

  • threatintel.threatstream.md5

  • threatintel.threatstream.severities

  • threatintel.threatstream.string

  • threatintel.threatstream.url

More information