Forum Discussion
Threat intelligence TAXII
I am trying to add the Threat intelligence - TAXII connector in Sentinel. Upon entering the asked details such as mentioned below: Friendly Name: TAXIIFeeds API: https://limo.anomali.com/api/v1/tax...
I saw a YouTube video from the Microsoft Security channel. the link is : https://www.youtube.com/watch?v=3nCDOJ9D2Q8
aside, can you pls share your insights on how to integrate the Threat intelligence - TAXII into Azure Sentinel ?
This would be of great help!
aside, can you pls share your insights on how to integrate the Threat intelligence - TAXII into Azure Sentinel ?
This would be of great help!
There are also 2 options to ingest TI from Alien Vault:
1. Using Logic App:
Ingesting Alien Vault OTX Threat Indicators into Azure Sentinel - Microsoft Community Hub
Azure-Sentinel/Playbooks/Get-AlienVault_OTX at master · Azure/Azure-Sentinel · GitHub
2. Using TAXII:
You need to create an account on Alien Vault, generate an API key, and then connect Alien Vault TAXI.