Gatewatcher_CTI

README

Gatewatcher

Gatewatcher is a European leader in advanced Threats detection, protecting critical networks of large Entreprises and Governement organisations since 2015.

Gatewatcher CTI

The Gatewatcher CTI (Cyber Threat Intelligence) offer is compatible with all cybersecurity solutions. It immediately enhances your detection with contextual information about internal and external cyber threats specifically targeting your business.

Cortex Integration

This cortex analyzer allows you to search for an IOC (url, hash, host/domain) in the Gatewatcher CTI database

How to obtain credentials ?

If you want to try our freemium offer your can obtain your API key : https://info.gatewatcher.com/en/lp-free-ioc-analysis-api-key

If you want more you can contact us : https://info.gatewatcher.com/fr/speed-meeting-lastinfosec

TheHive Integration

With this cortex integration, we also provide you templates for TheHive available in the thehive-templates directory.

Gatewatcher_CTI

Author: Gatewatcher
License: AGPL-3.0
Version: 1.0
Supported observables types:
- hash
- domain
- fqdn
- url
Registration required: True
Subscription required: True
Free subscription: False
Third party service: https://www.gatewatcher.com/

Description

Get Gatewatcher CTI Report

Configuration

apiKey	Gatewatcher CTI Api Key.
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	True

extendedReport	Show reports for relations.
Default value if not configured	True
Type of the configuration item	boolean
The configuration item can contain multiple values	False
Is required	True

maxRelations	Max relation reports to display if you have enabled the extendReport option. Set -1 to show all report
Default value if not configured	50
Type of the configuration item	number
The configuration item can contain multiple values	False
Is required	False

Templates samples for TheHive