Forum Discussion
Threat intelligence TAXII
I am trying to add the Threat intelligence - TAXII connector in Sentinel. Upon entering the asked details such as mentioned below: Friendly Name: TAXIIFeeds API: https://limo.anomali.com/api/v1/tax...
Hello mujju016,
It seems that Limo has reached the end of the road.
Limo - Free Intel Feed by Anomali - Learn More
Are you trying to use the free version of Limo?
I am using the same as per mentioned by Microsoft.
Is there any other way for this? please guide.
Is there any other way for this? please guide.
- Where do you see that Limo was mentioned by Microsoft?
This service stopped providing free indicators. I think because of that you have an issue.- I saw a YouTube video from the Microsoft Security channel. the link is : https://www.youtube.com/watch?v=3nCDOJ9D2Q8
aside, can you pls share your insights on how to integrate the Threat intelligence - TAXII into Azure Sentinel ?
This would be of great help!There are also 2 options to ingest TI from Alien Vault:
1. Using Logic App:
Ingesting Alien Vault OTX Threat Indicators into Azure Sentinel - Microsoft Community Hub
Azure-Sentinel/Playbooks/Get-AlienVault_OTX at master · Azure/Azure-Sentinel · GitHub
2. Using TAXII:
You need to create an account on Alien Vault, generate an API key, and then connect Alien Vault TAXI.