Threat Intelligence feeds on Maltiverse can either be integrated with a wide variety of security tools or downloaded in a variety of formats to be used as needed within your organization. This article covers both approaches in detail.
Maltiverse Threat Feeds can be easily integrated with a wide variety of leading security solutions. By consuming these feeds, tools like firewalls, endpoint protection, and SIEM/SOAR platforms enrich their detection and response capabilities with up-to-date indicators of compromise.
You can inspect and select Threat Feeds from the Maltiverse Portal.
1. Select Feeds (1) from the left navigation menu.
2. On this module, you can find the full list of the different Threat Feeds. Select one of the Threat Feeds.
3. Click Integrate feed to open the list of connectors.
4. Select the connector you need for the integration. Maltiverse can be integrated with a wide variety of security solutions.
5. Follow the steps given on the integration page.
This documentation is dynamic and adapts to your context. The content changes based on your selections and the information associated with your account, ensuring that examples and parameters are relevant to your integration.
The IoC information of each feed can be downloaded to support threat hunting and analysis operations. Each feed can be downloaded in a variety of formats to suit your needs, in two different ways: as a direct download or via the API.
You can do a direct download of a TI Feed by following these instructions.
1. Select Feeds (1) from the left navigation menu.
2. On this module, you can find the full list of the different Threat Feeds. Select one of the Threat Feeds.
3. Select Download Feed to continue.
4. Select the format of the file.
5. Once you have selected the format, you can download the file directly by clicking on Download (1).
Follow these instructions to download a TI Feed via API.
1. Select Feeds (1) from the left navigation menu.
2. On this module, you can find the full list of the different Threat Feeds. Select one of the Threat Feeds.
3. Select Download Feed to continue.
4. Select the format of the file.
5. Select one of the methods for the API request.
6. Copy and run the request given in the modal.
The <API KEY> value will be automatically replaced with your API key once you paste the request.