This app integrates with the ThreatConnect platform to provide various hunting actions in addition to threat ingestion
Supported Actions
- on poll: Callback action for the on_poll ingest functionality
- test connectivity: Validate the asset configuration for connectivity
- list owners: List the owners visible with the configured credentials
- post data: Create an indicator and post it to ThreatConnect
- hunt ip: Hunt an IP and retrieve any available information
- hunt file: Hunt a file hash and retrieve available information
- hunt email: Hunt an email and retrieve available information
- hunt domain: Hunt a domain and retrieve available information
- hunt url: Hunt a URL and retrieve available information