Gatewatcher_CTI#
README
Requirement : if you want to use LastInfoSec's intelligence, you need an API key. You could contact LastInfoSec's team here https://www.gatewatcher.com/en/contact/ LastInfosec has been acquired by Gatewatcher. LastInfoSec's Threat Feed is a data feed that makes it easier to detect threats within the information system. It contains enriched compromised evidences in order to reduce the time of threat analysis once detected. https://www.gatewatcher.com/en/nos-produits/last-info-sec
Gatewatcher_CTI#
Author: Gatewatcher
License: AGPL-3.0
Version: 1.0
Supported observables types:
- hash
- domain
- fqdn
- url
Registration required: True
Subscription required: True
Free subscription: False
Third party service: https://www.gatewatcher.com/
Description#
Get Gatewatcher CTI Report
Configuration#
| apiKey | Gatewatcher CTI Api Key. |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | False |
| Is required | True |
| extendedReport | Show reports for relations. |
|---|---|
| Default value if not configured | True |
| Type of the configuration item | boolean |
| The configuration item can contain multiple values | False |
| Is required | True |
| maxRelations | Max relation reports to display if you have enabled the extendReport option. Set -1 to show all report |
|---|---|
| Default value if not configured | 50 |
| Type of the configuration item | number |
| The configuration item can contain multiple values | False |
| Is required | False |
Templates samples for TheHive#
