**The latest version 1.3 is now updated to use campaign information from STIX/TAXII server.**
**This package is now updated to use open source STIX/TAXII server as a source to collect and normalize threat data.**
This package populates, displays and monitors the Threat Model , which is used to detect and contextualize potential malicious activity based on intelligence derived from a site-specific mix of threat intelligence sources. This package uses the open source Collective Intelligence Framework (CIF) to collect and normalize threat data from open source, proprietary and internal sources.
User cases supported by this package include:
**NEW** Please note, this update does not require a new download of the L1 Threat Intelligence package.Please follow the instructions to update the solution for STIX/TAXII here: https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/L1ThreatIntelligence#a_41_STIX_47TAXII
This version is able to collect:
For more detail, please visit https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/L1ThreatIntelligence
• Active Base - Version 2.4.0.0 and later.
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
Fix bugs related to suspicious file hash use case.
Ability to collect campaign information from STIX/TAXII and use it in content.
Added file hash use case to this package.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox