Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

AlienVault OTX TAXII Feed

Copper Contributor

Hi everyone.

I am trying to integrate AlienVault's OTX TAXII feed as a data connector, and I keep getting "unexpected" errors. Has anyone had success with this or other TAXII feeds?

Thanks! 

7 Replies

@MikeShorts I successfully connected it using playbook, you can find it on github repo

@Pawel_Giza I'll check it out. Thank you!

@Pawel_Giza Good morning. Do you have a direct link for that please?
Thank you kindly.

@Kevin Lovegrove below are resources which i belive in Github repo for alientVault,

 

Azure-Sentinel/Playbooks/Get-AlienVault_OTX at master · Azure/Azure-Sentinel · GitHub

 

and a very good article about the same Ingesting Alien Vault OTX Threat Indicators into Azure Sentinel - Microsoft Tech Community

 

Hope it helps

@printscreen 

Thank you kindly.

Has anyone gotten this to work in Gov cloud environments? Like GCC-high?