OpenDXL
Security Intelligence Sharing
mohl1 added a new solution:
QuoteDisplay MoreThis App provides the capability to publish Threat Information from Phantom to the McAfee Data Exchange Layer messaging bus. This App supports the following actions:
- lookup md5 Hash with McAfee Active Response - lookup md5
- push md5 hash into the TIE Database with a reputation score - dxl push md5
- push an event over the McAfee DXL fabric - dxl push ip
- validate the asset configuration for DXL connectivity - test connectivity
More actions will follow.
Phantom is a community powered security automation and orchestration platform.
Icon made by Daniel Bruce from www.flaticon.com
mohl1 added a new solution:
QuoteMcAfee Advanced Threat Defense (ATD) produces local threat intelligence that is published via DXL. An OpenDXL wrapper subscribes and parses IP indicators from ATD and automatically updates Firewall rules, pushing new configurations to selected Firewalls.
McAfee Advanced Threat Defense (ATD) is a malware analytics solution combining signatures and behavioural analysis techniques to rapidly identify malicious content and provides local threat intelligence. ATD exports IOC data in STIX format in several ways including DXL.
Check Point Firewalls industry leading Next Generation Firewalls that offer network security protection in an integrated next generation firewall platform.