Blueliv ThreatContext

The Threat Context module provides SOC, Incident Response, and Threat Intelligence teams with continuously updated and intuitive information around threat actors, campaigns, malware indicators, attack patterns, tools, signatures and CVEs.

Data Enrichment & Threat Intelligence · Blueliv ThreatContext

Configuration parameters

  • url — Server URL (e.g. https://demisto.blueliv.com/api/v2) (required)
  • credentials — Username (required)
  • unsecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (11)

  • blueliv-authenticate

    Authenticates and gets the API token.

  • blueliv-tc-attack-pattern

    Gets information about an Attack Pattern.

  • blueliv-tc-campaign

    Gets information about a campaign.

  • blueliv-tc-cve

    Gets information about a CVE.

  • blueliv-tc-indicator-cs

    Gets information about a Crime Server.

  • blueliv-tc-indicator-fqdn

    Gets information about an FQDN.

  • blueliv-tc-indicator-ip

    Gets information about an IP address.

  • blueliv-tc-malware

    Gets information about malware, by ID.

  • blueliv-tc-signature

    Gets information about a Signature.

  • blueliv-tc-threat-actor

    Gets information about a Threat Actor.

  • blueliv-tc-tool

    Gets information about a Tool.