Blueliv ThreatContext
The Threat Context module provides SOC, Incident Response, and Threat Intelligence teams with continuously updated and intuitive information around threat actors, campaigns, malware indicators, attack patterns, tools, signatures and CVEs.
Data Enrichment & Threat Intelligence · Blueliv ThreatContext
Configuration parameters
url— Server URL (e.g. https://demisto.blueliv.com/api/v2) (required)credentials— Username (required)unsecure— Trust any certificate (not secure)proxy— Use system proxy settings
Commands (11)
-
blueliv-authenticateAuthenticates and gets the API token.
-
blueliv-tc-attack-patternGets information about an Attack Pattern.
-
blueliv-tc-campaignGets information about a campaign.
-
blueliv-tc-cveGets information about a CVE.
-
blueliv-tc-indicator-csGets information about a Crime Server.
-
blueliv-tc-indicator-fqdnGets information about an FQDN.
-
blueliv-tc-indicator-ipGets information about an IP address.
-
blueliv-tc-malwareGets information about malware, by ID.
-
blueliv-tc-signatureGets information about a Signature.
-
blueliv-tc-threat-actorGets information about a Threat Actor.
-
blueliv-tc-toolGets information about a Tool.