ThreatQ app icon

ThreatQ

Integrates a variety of ThreatQ services into Phantom.

Built by
soar product badge
Latest Version 1.0.1
September 17, 2021
Compatibility
SOAR On-Prem
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9, 4.8, 4.7, 4.6, 4.5, 4.2, 4.1, 4.0, 3.5, 3.0, 2.1, 2.0, 1.2
Rating

0

(0)

Log in to rate this app
Support
ThreatQ support icon
Not Supported
Ranking

#7

in Information
Integrates a variety of ThreatQ services into Phantom.

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity.
  • run query: Query ThreatQ and grab attributes
  • create ioc: Create IOC in ThreatQ
  • get related iocs: Query ThreatQ for related IOCs
  • link ioc: Link IOCs together
  • create event: Create event based on current container
  • upload file: Upload file from vault in current container
  • domain reputation: Get attributes, related indicators, and related adversaries
  • ip reputation: Get attributes, related indicators, and related adversaries
  • email reputation: Get attributes, related indicators, and related adversaries
  • url reputation: Get attributes, related indicators, and related adversaries
  • file reputation: Get attributes, related indicators, and related adversaries
  • update status: Change Indicator Status in ThreatQ
  • create adversary: Create Adversary in ThreatQ

Categories

Information

Created By

srv-stage-community

Source Code

GitHub(Opens new window)

Type

connector

Downloads

1

Licensing

Splunk General Terms(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing