QintelQWatch
Qintel's QWatch system contains credentials obtained from dump sites, hacker collaboratives, and command and control infrastructures of eCrime- and APT-related malware. With this integration, users can fetch exposure alerts as incidents and discover exposed credentials associated with their organization.
Data Enrichment & Threat Intelligence · Qintel
Configuration parameters
remote— QWatch API URL (optional)credentials— Qintel Credentials (required)insecure— Trust any certificate (not secure)proxy— Use system proxy settingsisFetch— Fetch incidentsfetch_passwords— Fetch plaintext passwordsmax_fetch— Limit number of records per fetchfirst_fetch— First fetch timeincidentFetchInterval— Incidents Fetch Intervalfetch_severity— Default Incident Severity (required)incidentType— Incident type
Commands (1)
-
qintel-qwatch-exposuresSearch QWatch for exposed credentials.