• Have questions about this item?

  • Contact us

Description

ThreatQis a threat intelligence platform that structures and normalizes intelligence data for proper deployment into a variety of tools, including HP’s ArcSight ESM.  The customer can control what information is exported from ThreatQ and ingested into ArcSight to extend alert capabilities and to assist with event triage investigations.  Customers will be able to configure Hunting Active Channels to assist with more complex cyber correlations.

ThreatQ offers several pre-configured ArcSight Connectors out-of-the-box including ArcSight (an export of all indicators/indicator types), Email Addresses, Email Attachments (i.e. file names), Email Subject, FQDN, MD5, URL, URL Path, User-Agent, and X-Mailer.  ThreatQ will output the indicators that match the export criteria in the necessary CEF format.  The SmartConnector will authenticate to ThreatQ using the Export Token Key and import the ThreatQ export.


Suggested apps

Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.

Releases

Release
Date
Supported Versions of ThreatQ 2.2, 3.0
Apr 11, 2017
More info Less info
Product compatibility
ESM
Version 7.4 · 7.3 · 7.2 · 7.0
Version 6.11.0 · 6.8
Release notes

The event format complies with the requirements of the HPE ArcSight Common Event Format.The HPE ArcSight CEF connector will be able to process the events correctly and the events will be available for use within HPE’s ArcSight product.In addition, the event content has been deemed to be in accordance with standard SmartConnector requirements.The events will be sufficiently categorized to be used in correlation rules, reports and dashboards as a proof-of-concept (POC) of the joint solution.

Joint customers with questions regarding the integration between ThreatQuotient’s ThreatQ intelligence platform and HP’s ArcSight SIEM should call or email the ThreatQ’s support contact information above, identify themselves, and describe the problem. Contact support at support@threatq.com 

Languages
English

Unsubscribe from notifications

You are receiving release updates for this item because you have subscribed to the following products:
If you unsubscribe, you will no longer receive any notifications for these products.
Tip: to update your subscription preferences, go to Manage Subscriptions from your Dashboard, uncheck the products you no longer want to receive notifications for, and click 'Save'.
Unsubscribe Cancel

Marketplace Terms of Service

In order to continue, you must accept the updated Marketplace Terms of Service
Since you are downloading an app from the Micro Focus Marketplace, you need to accept the updated Marketplace Terms of Service before you can continue. Use the link to review the Marketplace Terms of Service. Once complete check the, "I accept the Marketplace Terms of Service" box below and click accept to continue your download.


Accept Cancel
Your download has begun...

Your download has begun

Related content and resources

Your browser is not supported!

Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox

release-rel-2021-2-3-3805 | Wed Feb 24 23:06:24 PST 2021