Threat intelligence
Ingest threat intelligence indicators from various threat intelligence providers.
Available Threat intelligence integrations include:
- AbuseCH: Ingest threat intelligence indicators from URL Haus, Malware Bazaar, and Threat Fox feeds with Elastic Agent.
- AlienVault OTX: Ingest threat intelligence indicators from AlienVault Open Threat Exchange (OTX) with Elastic Agent.
- Anomali: Ingest threat intelligence indicators from Anomali with Elastic Agent.
- Collective Intelligence Framework v3: Ingest threat indicators from a Collective Intelligence Framework v3 instance with Elastic Agent.
- Custom Threat Intelligence: Ingest threat intelligence data in STIX 2.1 format with Elastic Agent
- Cybersixgill: Ingest threat intelligence indicators from Cybersixgill with Elastic Agent.
- EclecticIQ: Ingest threat intelligence from EclecticIQ with Elastic Agent
- Maltiverse: Ingest threat intelligence indicators from Maltiverse feeds with Elastic Agent
- Mandiant Advantage: Collect Threat Intelligence from products within the Mandiant Advantage platform.
- MISP: Ingest threat intelligence indicators from MISP platform with Elastic Agent.
- OpenCTI: Ingest threat intelligence indicators from OpenCTI with Elastic Agent.
- Recorded Future: Ingest threat intelligence indicators from Recorded Future risk lists with Elastic Agent.
- ThreatQuotient: Ingest threat intelligence indicators from ThreatQuotient with Elastic Agent.