Threat Intelligence
Insights from threat intelligence platforms
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Provider | provider |
String | Threat intelligence data provider name e.g. AlienVaultOTX |
Raw Data | raw_data |
JSON | The event data as received from the event source. |
Record ID | record_id |
String | Unique identifier for the object |
Reputation Scores | reputation |
Reputation[] | Reputation score as reported by provider |
Type ID | type_id |
Integer |
Type of entity for which threat info is provided e.g. IP
|
Unmapped Data | unmapped |
Unmapped[] | The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source. |
Value | value |
String | Entity value for which threat info is provided |
Relationships
Outbound Relationships
Threat Intelligence references the following objects and events in its attributes:
This page describes qdm-1.3.2+ocsf-1.3.0
Updated about 2 months ago