RecordedFuture

README

This analyzer will return Recorded Future Intelligence for the following datatypes: * ip * domain * fqdn * hash * url

Enriched observables can display: * Risk Summary: Risk Score, Criticality, and link to the Intelligence Card * Recorded Future AI Insights

• Risk Rules and Evidence Details

• Technical & Insikt Group Research Links

• Related Threat Actors
• Related Attack Vectors
• Malware Family / Category
• Related IPs
• Related Domains
• Related Hashes

RecordedFuture

Author: Recorded Future
License: AGPL-V3
Version: 2.0
Supported observables types:
- ip
- domain
- fqdn
- hash
- url
Registration required: True
Subscription required: True
Free subscription: N/A
Third party service: https://www.recordedfuture.com/

Description

Enrich IP, Domain, FQDN, URL, or Hash with Recorded Future context: Risk Score, Risk Details, AI Insights, Links, Threat Actor, Attack Vector, Malware Category / Family, and Related Entities (IPs, Domains, and Hashes)

Configuration

key	API Token
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	True

Templates samples for TheHive

No template samples to display.