Skip to content
Polarity - RiskIQ integration allows Polarity to search RiskIQ Security Intelligence Services (SIS API) to return threat information on IP's, Domains and URL's.
HTML JavaScript CSS
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
components
config
styles
templates
.gitignore
.prettierrc
LICENSE
README.md
integration.js
package.json

README.md

Polarity RiskIQ SIS Integration

mode:on demand only

Due to the time it can take for lookups against certain indicators, we recommend that this integration be run in "On Demand Only" mode. Setting integration's to run on demand only is a feature available starting in Polarity Server 3.7.5 and Polarity Web 3.4.21.

As attacks against the organization increase, it’s more important than ever to have a security program built on robust and reliable data to enrich analysis and inform the decision-making process. RiskIQ offers the ability to ingest critical security data programmatically at scale.

The Polarity RiskIQ integration allows Polarity to search RiskIQ Security Intelligence Services (SIS API) to return threat information on IP's, Domains and URL's.

More information on RiskIQ SIS please see https://www.riskiq.com/products/security-intelligence-services

For information about the RiskIQ API please see https://api.riskiq.net/api/concepts.html

riskiq

RiskIQ Integration Options

RiskIQ Host

The host to use for the RiskIQ SIS API

RiskIQ API Key

RiskIQ Security Intelligence Services API Key

RiskIQ Private Key

RiskIQ Security Intelligence Services Private Key

Domain and IP Blacklist

This is an alternate option that can be used to specify domains or IPs that you do not want sent to RiskIQ. The data must specify the entire IP or domain to be blocked (e.g., www.google.com is treated differently than google.com).

Domain Blacklist Regex

This option allows you to specify a regex to blacklist domains. Any domain matching the regex will not be looked up. If the regex is left blank then no domains will be blacklisted.

IP Blacklist Regex

This option allows you to specify a regex to blacklist IPv4 Addresses. Any IPv4 matching the regex will not be looked up. If the regex is left blank then no IPv4s will be blacklisted.

Installation Instructions

Installation instructions for integrations are provided on the PolarityIO GitHub Page.

Polarity

Polarity is a memory-augmentation platform that improves and accelerates analyst decision making. For more information about the Polarity platform please see:

https://polarity.io/

You can’t perform that action at this time.