ThreatConnect¶
Cyderes supports the ingestion of indicators.
Chronicle Data Types¶
- THREATCONNECT_IOC
Configuration¶
Cyderes will require an API user to be able to access indicators.
The following docs will walk you through how to create an API user for Cyderes to use, ensure that you save the secret key from this step as you will not be able to get it afterwards:
The API user will need a role that provides at a minimum READ permissions for indicators in the Threat Intelligence Platform:
Gather Information¶
Please provide Cyderes with the following:
- Access ID for API user created for Cyderes
- Secret Key for API user created for Cyderes
- API URL (if not using Public Cloud ThreatConnect)