**The latest version 1.3 is now updated to use campaign information from STIX/TAXII server.**
**This package is now updated to use open source STIX/TAXII server as a source to collect and normalize threat data.**
This package populates, displays and monitors the Threat Model , which is used to detect and contextualize potential malicious activity based on intelligence derived from a site-specific mix of threat intelligence sources. This package uses the open source Collective Intelligence Framework (CIF) to collect and normalize threat data from open source, proprietary and internal sources.
User cases supported by this package include:
**NEW** Please note, this update does not require a new download of the L1 Threat Intelligence package.Please follow the instructions to update the solution for STIX/TAXII here: https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/L1ThreatIntelligence#a_41_STIX_47TAXII
This version is able to collect:
For more detail, please visit https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/L1ThreatIntelligence
• Active Base - Version 18.104.22.168 and later.
Ability to collect campaign information from STIX/TAXII and use it in content.
Added file hash use case to this package.
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox