Intelligence Center external integrations
Intelligence Center data can be consumed using several third party integrations.
The default feed is available as a MISP feed.
It can be added to an existing MISP instance by following MISP's documentation.
The following field values are required for the feed to work properly:
- Input Source: Network
- Source Format: MISP Feed
Authorization: Bearer <APIKEY>
You then need to make sure you have a scheduled task in place to regularly fetch the feed's content.
An OpenCTI connector is available to consumme a feed. All the instruction to run it are available at the connector GitHub repository: https://github.com/OpenCTI-Platform/connectors/tree/master/sekoia.
SEKOIA.IO App for Splunk
An App for Splunk is available to detect threats in your logs based on our feed.
You can find the download links and additional information on the dedicated GitHub repository.