RST Cloud - Threat Feed API
This is the RST Threat Feed integration for interacting with API.
Data Enrichment & Threat Intelligence · RST Threat Feed
Configuration parameters
url— Server URL (e.g. https://api.rstcloud.net/v1) (required)apikey— API Key (required)threshold_ip— Score threshold for IP reputation command (required)threshold_domain— Score threshold for domain reputation command (required)threshold_url— Score threshold for url reputation command (required)threshold_hash— Score threshold for hash reputation commandindicator_expiration_ip— IP Indicator Expiration (days) (required)indicator_expiration_domain— Domain Indicator Expiration (days) (required)indicator_expiration_url— URL Indicator Expiration (days) (required)indicator_expiration_hash— File Hash Indicator Expiration (days)proxy— Use system proxy settingsinsecure— Trust any certificate (not secure)integrationReliability— Source ReliabilityfeedExpirationPolicy—feedExpirationInterval—
Commands (6)
-
domainReturns Domain information and reputation.
-
fileReturns File information and reputation.
-
ipReturns IP information and reputation.
-
rst-submit-fpSubmits a potential False Positive to RST Threat Feed.
-
rst-submit-newSubmits an indicator to RST Threat Feed.
-
urlReturns URL information and reputation.