Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic Ingest of Threat Feeds #45

Closed
OzRex08 opened this issue Feb 20, 2020 · 2 comments
Closed

Automatic Ingest of Threat Feeds #45

OzRex08 opened this issue Feb 20, 2020 · 2 comments
Labels
feature use for describing a new feature to develop wontfix use to identify issue that won’t be worked on

Comments

@OzRex08
Copy link

OzRex08 commented Feb 20, 2020

It would be good to be able to ingest opensource and commercial threat feeds automatically by choosing a feed url.

Current Workaround

Indicators need to be imported manually.

Proposed Solution

  • Have the ability to select from a range of opensource feeds and have them automatically ingest either on demand, or once per day etc.
  • Be able to categorise feeds being ingested into appropriate categories (i.e. Phishing IP's; C2 Domains; Hashes of Malware etc)

Additional Information
@NetEyes
Copy link

NetEyes commented Feb 20, 2020

Finally they release a VM ready. Much appreciated.
I will be evaluating this version and hopefully they soon to add this feature - automatic feed ingestion. We have a commercial threat feed provider (can only access thru taxii/stix2 format) and we would like the OpenCTI to ingest (polling) automatically once it configured.

@SamuelHassine SamuelHassine transferred this issue from OpenCTI-Platform/opencti Feb 22, 2020
@SamuelHassine SamuelHassine added the feature use for describing a new feature to develop label Mar 7, 2020
@SamuelHassine
Copy link
Member

Hello,

For the moment, we've decided to maintain the current implementation of connector with external configurations. Another tool may be created for this purpose.

@SamuelHassine SamuelHassine added the wontfix use to identify issue that won’t be worked on label Mar 28, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature use for describing a new feature to develop wontfix use to identify issue that won’t be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@SamuelHassine @OzRex08 @NetEyes