Skip to main content

IBM X-Force Exchange

ibm-x-force-exchange

Version: 1.5
Updated: June 26, 2024

IBM X-Force Exchange is a cloud-based threat intelligence platform that allows you to consume, share and act on threat intelligence. It enables you to rapidly research the latest global security threats, aggregate actionable intelligence, consult with experts and collaborate with peers.

Actions

  • Search DNS Records (Enrichment) - Search DNS records for a specified IP or Domain.
  • IP Reputation (Enrichment) - Gather IP reputation information for a specific IP address.
  • File Reputation (Enrichment) - Gather file reputation information for a specific file.
  • URL Reputation (Enrichment) - Gather URL reputation information for a specific URL.
  • Whois Lookup (Enrichment) - Issue a Whois lookup on a specific IP or Domain.
  • Passive DNS (Enrichment) - Search passive DNS records for a specific IP or Domain.
  • URL Reputation V2 (Enrichment) - Accepted multiple URLs separated by comma as Input and do URL reputation.

Configure IBM X-Force Exchange in Automation Service and Cloud SOAR

Before you can use this automation integration, you must configure its authentication settings so that the product you're integrating with can communicate with Sumo Logic. For general guidance, see Configure Authentication for Automation Integrations.

How to open the integration's configuration dialog
  1. Access App Central and install the integration. (You can configure at installation, or after installation with the following steps.)
  2. Go to the Integrations page.
    Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
    New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations.
  3. Select the installed integration.
  4. Hover over the resource name and click the Edit button that appears.
    Edit a resource

In the configuration dialog, enter information from the product you're integrating with. When done, click TEST to test the configuration, and click SAVE to save the configuration.

IBM X-Force Exchange configuration

For information about IBM X-Force Exchange, see IBM X-Force Exchange documentation.

Category

Threat Intelligence-Reputation

Change Log

  • December 19, 2019 - First upload
  • June 19, 2020
    • Whois Lookup and Passive DNS results can be saved as a .csv file
    • New action has been added
  • June 07, 2022 - New Actions:
    • URL Reputation V2
  • August 22, 2022 (v1.2) - General improvements
  • February 23, 2023 (v1.3)
    • Updated integration: (Updated the integration Fields with Environmental Variables)
  • July 12, 2023 (v1.4)
    • Changed fields visibility
    • Integration renamed from IBM X-Force Exchange OIF to IBM X-Force Exchange
    • Added new actions:
      • Passive DNS V2
      • Whois Lookup V2
  • June 26, 2024 (v1.5)
    • Updated Whois Lookup and Passive DNS actions with the new Cloud SOAR API; results can now be saved as incident attachments and artifacts.
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.