**The latest version 1.3 is now updated to use campaign information from STIX/TAXII server.**

**This package is now updated to use an open-source STIX/TAXII server as a source to collect and normalize threat data.**

This package populates, displays, and monitors the Threat Model, which is used to detect and contextualize potential malicious activity based on intelligence derived from a site-specific mix of threat intelligence sources. This package uses the open-source Collective Intelligence Framework (CIF) to collect and normalize threat data from open source, proprietary, and internal sources.

User cases supported by this package include:

  • Populate Threat Model from a variety of heterogeneous intelligence feeds
  • Enrich events with Threat Model data
  • Display and report upon Threat Model activity

**NEW** Please note, this update does not require a new download of the L1 Threat Intelligence package. Please follow the instructions to update the solution for STIX/TAXII here:

This version is able to collect:

For more detail, please visit

Minimum Requirements

Active Base - Version and later.

Suggested apps

Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.


L1-Threat Intelligence
76.2 KB
Nov 18, 2019
More info Less info
Product compatibility
Version 7.6 · 7.5 · 7.4 · 7.3 · 7.2 · 7.0
Version 6.8 · 6.9.1 · 6.11.0
Release notes

Fix bugs related to suspicious file hash use case.



Unsubscribe from notifications

You are receiving release updates for this item because you have subscribed to the following products:
If you unsubscribe, you will no longer receive any notifications for these products.
Tip: to update your subscription preferences, go to Manage Subscriptions from your Dashboard, uncheck the products you no longer want to receive notifications for, and click 'Save'.

Marketplace Terms of Service

In order to continue, you must accept the updated Marketplace Terms of Service
Since you are downloading an app from the Micro Focus Marketplace, you need to accept the updated Marketplace Terms of Service before you can continue. Use the link to review the Marketplace Terms of Service. Once complete check the, "I accept the Marketplace Terms of Service" box below and click accept to continue your download.

Your download has begun...

Your download has begun

Related content and resources

Your browser is not supported!

Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox

release-rel-2021-9-2-4492 | Wed Sep 22 18:00:11 PDT 2021