Skip to main content
Ctrl+K
Logo image Logo image

EclecticIQ Integrations

Site Navigation

  • EclecticIQ Integrations Life Cycle Policy
  • Generic
  • Integrations
  • Developers

Section Navigation

  • AlienVault
    • Incoming feed - AlienVault OTX Pulses Feed
  • BFK
    • Incoming feed - BFK API
  • Binary Defense
    • Incoming feed - Binary Defense Systems Artillery Threat Intelligence Feed
  • Bitdefender
    • Incoming feed - Bitdefender Advanced Threat Intelligence Domain Feed
    • Incoming feed - Bitdefender Advanced Threat Intelligence Hash Feed
    • Incoming feed - Bitdefender Advanced Threat Intelligence IP Feed
  • Censys
    • Enricher - Censys
  • CentralOps
    • Enricher - CentralOps Domain Dossier
  • CIRCL
    • Enricher - CIRCL IPs related to SSL certificate
    • Enricher - CIRCL SSL Certificate Fetcher
    • Enricher - CVE Search
    • Incoming feed - CVE Search API
  • CISA
    • Incoming feed - CISA Known Exploited Vulnerabilities (KEV) Catalog
  • Cisco
    • Enricher - Cisco ASN Info
    • Enricher - Cisco DNS RR History
    • Enricher - Cisco Malicious Domains
    • Enricher - Cisco Related Domains
    • Enricher - Cisco Threat Grid
    • Enricher - Cisco Umbrella Threat Grid integration
    • Enricher - Cisco Whois
    • Incoming feed - Cisco Threat Grid Curated Feed
    • Incoming feed - Cisco Threat Grid Samples API
  • Cofense
    • Incoming feed - Cofense PhishMe Intelligence
  • CrowdStrike
    • Enricher - CrowdStrike Enricher
    • Enricher - Crowdstrike Vulnerability Intelligence (Related Reports) Enricher
    • Enricher - Crowdstrike Vulnerability Intelligence (Related Threat Actors) Enricher
    • Incoming feed - Crowdstrike Falcon Intelligence Indicator Feed
    • Incoming feed - Crowdstrike Falcon Intelligence Reports Feed
    • Incoming feed - Crowdstrike Falcon Intelligence Threat Actor Feed
    • Incoming feed - Crowdstrike Falcon Intelligence Yara Rule Feed
    • Outgoing feed - Crowdstrike Falcon Custom IOC upload
    • Outgoing feed - Crowdstrike Falcon LogScale Outgoing feed
  • cybercrime-tracker.net
    • Incoming feed - Cybercrime Tracker
    • Incoming feed - Cybercrime Tracker Domain Provider
    • Incoming feed - Cybercrime Tracker Zbot Provider
  • Cybereason
    • Outgoing feed - Cybereason
  • Cyfirma
    • Enricher - Cyfirma Threat IOC Search Enricher
  • Digital Shadows
    • Incoming feed - Digital Shadows Searchlight Global Incidents Provider
    • Incoming feed - Digital Shadows Searchlight Private Incidents Provider
  • DomainTools
    • Enricher - DomainTools Iris Investigate
  • Dragos
    • Incoming feed - Dragos Threat Feed
  • DShield
    • Enricher - DShield
  • EclecticIQ
    • Incoming feed - EclecticIQ Commercial Sources Feed
    • Incoming feed - EclecticIQ Open Sources Feed
  • Elasticsearch
    • Enricher - Elasticsearch sightings
  • Exabeam
    • Incoming feed - Exabeam Event Feed
    • Outgoing feed - Exabeam Outgoing Feed
  • Farsight Security
    • Enricher - Farsight DNSDB
  • Feedly for Threat Intelligence
    • Incoming feed - Feedly for Threat Intelligence Streams
  • Flashpoint
    • Incoming feed - Flashpoint Indicator feed
    • Incoming feed - Flashpoint Intelligence Reports Provider
  • Forcepoint
    • Outgoing feed - Forcepoint
  • Fox-IT
    • Enricher - Fox-IT InTELL Portal
  • GreyNoise
    • Enricher - GreyNoise API
    • Incoming feed - GreyNoise Noise Incoming Feed
  • Group-IB
    • Incoming feed - Group-IB APT Threat
    • Incoming feed - Group-IB Brand Abuse Phishing Kit
    • Incoming feed - Group-IB Compromised Data Accounts
    • Incoming feed - Group-IB Compromised Data Cards
    • Incoming feed - Group-IB Human Intelligence Threat
    • Incoming feed - Group-IB Malware C2
    • Incoming feed - Group-IB Attacks Phishing
    • Incoming feed - Group-IB Phishing Brand Abuse
    • Incoming feed - Group-IB Attacks Phishing Kit
    • Incoming feed - Group-IB Suspicious IP Socks Proxy
  • Hybrid Analysis
    • Enricher - HybridAnalysis
  • Infoblox
    • Outgoing feed - Infoblox NIOS
  • Intel 471
    • Enricher - Intel 471 Adversary Intelligence Enricher
    • Enricher - Intel 471 Posts Enricher
    • Incoming feed - Intel 471 Adversary Intelligence Feed
    • Incoming feed - Intel 471 Malware Intelligence Reports Feed
    • Incoming feed - Intel 471 Vulnerability Intelligence
    • Incoming feed - Intel 471 Watcher Alerts
  • IntSights
    • Incoming feed - IntSights Alerts
  • Joe Security
    • Incoming feed - JoeSandbox Analysis Feed
  • Kaspersky
    • Enricher - Kaspersky
    • Incoming feed - Kaspersky APT Reports
    • Incoming feed - Kaspersky Threat Intelligence
  • Risk Analytics (formerly Malware Domains)
    • Incoming feed - Malwaredomains Provider
  • Mandiant (previously FireEye)
    • Enricher - FireEye iSIGHT
    • Incoming feed - FireEye iSIGHT Intelligence Report API
    • Incoming feed - Mandiant Threat Intelligence Feed v4 (Campaign Feed)
    • Incoming feed - Mandiant Threat Intelligence Feed v4 (Indicator Feed)
    • Incoming feed - Mandiant Threat Intelligence Feed v4 (Malware Feed)
    • Incoming feed - Mandiant Threat Intelligence Feed v4 (Report Feed)
    • Incoming feed - Mandiant Threat Intelligence Feed v4 (Threat Actor Feed)
    • Incoming feed - Mandiant Threat Intelligence Feed v4 (Vulnerability Feed)
  • MaxMind
    • Enricher - MaxMind GeoIP
  • Microsoft
    • Enricher - Microsoft Defender Threat Intelligence
    • Incoming feed - Microsoft Sentinel Alerts Feed
    • Outgoing feed - Microsoft Azure Sentinel Outgoing Feed
  • MISP
    • Enricher - MISP API enricher
    • Incoming feed - MISP
    • Outgoing feed - MISP
  • NCFTA
    • Incoming feed - NCFTA ListServ Intel
  • NSFOCUS
    • Enricher - NSFocus Intelligence
    • Incoming feed - NSFocus Provider
  • NVD
    • Incoming feed - NVD - Vulnerability Intelligence Feed
  • OpenPhish
    • Incoming feed - OpenPhish
  • OpenResolve (Cisco)
    • Enricher - OpenResolve
  • Palo Alto Networks
    • Enricher - Palo Alto Autofocus
    • Incoming feed - Palo Alto Autofocus Hash Feed 1
    • Incoming feed - Palo Alto Networks Auto Focus Threat Intelligence
    • Incoming feed - Palo Alto PAN-OS Traffic Report
    • Outgoing feed - Palo Alto PAN-OS External Dynamic List
  • RiskIQ PassiveTotal (Microsoft)
    • Enricher - PassiveTotal IP/Domain
    • Enricher - PassiveTotal Malware
    • Enricher - PassiveTotal Passive DNS
    • Enricher - PassiveTotal Whois
  • PhishTank
    • Enricher - PhishTank
  • Proofpoint
    • Enricher - Proofpoint Email Threat
    • Incoming feed - Proofpoint Email Brand Defense
  • PyDat
    • Enricher - PyDat
  • Qualys
    • Enricher - Qualys Enricher
  • Recorded Future
    • Enricher - Recorded Future
    • Incoming feed - Recorded Future Analyst Note Feed
    • Incoming feed - Recorded Future Domain Feed
    • Incoming feed - Recorded Future Hash Feed
    • Incoming feed - Recorded Future IP Feed
    • Incoming feed - Recorded Future URL Feed
    • Incoming feed - Recorded Future Vulnerability Feed
  • RIPEstat
    • Enricher - RIPEstat GeoIP
    • Enricher - RIPEstat Whois
  • Shodan
    • Enricher - Shodan
  • Sigma rules
    • Incoming feed - SigmaHQ Rules Feed
  • Silobreaker
    • Enricher - Silobreaker
    • Incoming feed - Silobreaker
  • Splunk
    • Enricher - Splunk sightings
  • SpyCloud
    • Enricher - SpyCloud Breach Data
    • Incoming feed - SpyCloud Breach API
    • Incoming feed - SpyCloud Watchlist Ingest
  • ThreatCrowd
    • Enricher - ThreatCrowd
  • Red Sky Alliance (formerly Wapack Labs)
    • Incoming feed - Threat Recon
  • Unshorten.me
    • Enricher - Unshorten-URL
  • VirusTotal
    • Enricher APIv3
      • Domain
      • Virus Total | APIv3 | Hash enricher
      • IP
      • URL
    • Enricher APIv2
    • Incoming feed
  • VMRay
    • Incoming feed - VMRay Malware Submission Feed
  • Webroot
    • Enricher - Webroot
  • XMCO
    • Incoming feed - XMCO YUNO advisories
  • YARA rules
    • Incoming feed - YARA Rules Project
  • ZoomInfo
    • Enricher - ZoomInfo Company Enricher
  • Zscaler
    • Outgoing feed - Zscaler Outgoing Feed

CISA#

  • Incoming feed - CISA Known Exploited Vulnerabilities (KEV) Catalog
# Release History


## Initial release

Release date: 03 April 2024

**Features:**

* Now provides the CISA Known Exploited Vulnerabilities Catalog incoming feed

previous

Incoming feed - CVE Search API

next

Incoming feed - CISA Known Exploited Vulnerabilities (KEV) Catalog