QintelQWatch

Qintel's QWatch system contains credentials obtained from dump sites, hacker collaboratives, and command and control infrastructures of eCrime- and APT-related malware. With this integration, users can fetch exposure alerts as incidents and discover exposed credentials associated with their organization.

Data Enrichment & Threat Intelligence · Qintel

Configuration parameters

  • remote — QWatch API URL (optional)
  • credentials — Qintel Credentials (required)
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • isFetch — Fetch incidents
  • fetch_passwords — Fetch plaintext passwords
  • max_fetch — Limit number of records per fetch
  • first_fetch — First fetch time
  • incidentFetchInterval — Incidents Fetch Interval
  • fetch_severity — Default Incident Severity (required)
  • incidentType — Incident type

Commands (1)

  • qintel-qwatch-exposures

    Search QWatch for exposed credentials.