[ 1 Connect Emerging Threats with Devo SOAR ] [ 2 Actions for Emerging Threats ] [ 2.1 IP Lookup ] [ 2.1.1 Input Field ] [ 2.1.2 Output ] [ 3 Release Notes ]

Emerging Threats delivers the most timely and accurate threat intelligence. Our fully verified intel provides deeper context and integrates seamlessly with your security tools to enhance your decision-making.

Connect Emerging Threats with Devo SOAR

Navigate to Automations > Integrations.
Search for Emerging Threats.
Click Details, then the + icon. Enter the required information in the following fields.
Label: Enter a connection name.
Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
Remote Agent: Run this integration using the Devo SOAR Remote Agent.
After you've entered all the details, click Connect.

Actions for Emerging Threats

IP Lookup

Submit an IP address to perform a lookup against Emerging Threat's blacklist.

Input Field

Input Name	Description	Required

Input Name	Description	Required
Column Name	Select the column name from parent table to lookup value for.	Required

Output

A JSON object containing multiple rows of result:

result: Identifies the blacklist IPs.

{json}{ "ip": "", "positive_hit": "true" }

Release Notes

v3.0.0 - Updated architecture to support IO via filesystem
v2.0.5 - Added documentation link in the automation library.