Intel 471
Version: 1.1
Updated: Jul 06, 2023
Intel 471provides comprehensive coverage of the criminal underground, SaaS platform which exposes locally sourced human-driven, automation-enabled insights to gain broad coverage and monitor the threats.
Actions
- List Alerts (Enrichment) - Returns list of Alerts matching filter criteria excluding the following types: Malware reports, YARA.
- Search IOC (Enrichment) - Returns list of Indicators of compromise matching filter criteria.
- Stream Malware Intelligence Indicators (Enrichment) - Returns list of Indicators matching filter criteria.
Intel 471 configuration
- Sign in Intel 471 using your username and password.
- Use the token you received in your email to complete log in.
- On the left menu, search for your profile and in API, under API KEY click to display your API Key.
- Make sure you copy the API Key.
Intel 471 in Automation Service and Cloud SOAR
- Access integrations in the Automation Service or Cloud SOAR.
- After the list of the integrations appears, search/look for the integration and click on the row.
- The integration details will appear. Click on the "+" button to add new Resource.
- Populate all the required fields (*)
- URL. 'https://api.intel471.com/'.
- Email Address. your email address.
- API Key. Insert the previously copied key.
- Click Save.
- To make sure the resource is working, hover over the resource and then click the pencil icon that appears on the right.
- Click TEST SAVED SETTINGS.
- You should receive a successful notification in the bottom right corner.
Category
Threat Intelligence-Reputation
Change log
- May 23, 2022 - First Upload
- July 6, 2023 (v1.1) - Updated the integration with Environmental Variables