Skip to content

ThreatConnect

Cyderes supports the ingestion of indicators.

Chronicle Data Types

  • THREATCONNECT_IOC

Configuration

Cyderes will require an API user to be able to access indicators.

The following docs will walk you through how to create an API user for Cyderes to use, ensure that you save the secret key from this step as you will not be able to get it afterwards:

Creating User Accounts

The API user will need a role that provides at a minimum READ permissions for indicators in the Threat Intelligence Platform:

Permission Definitions

Gather Information

Please provide Cyderes with the following:

  • Access ID for API user created for Cyderes
  • Secret Key for API user created for Cyderes
  • API URL (if not using Public Cloud ThreatConnect)