This document explains how to set up the Alienware OTX premium intelligence source in the TruSTAR platform.
Alien Labs® Open Threat Exchange® (OTX™) is the world’s first and largest truly open threat intelligence community of more than 100,000 threat researchers and security professionals in 140 countries. The OTX delivers more than 19 million threat indicators daily.
- Source Type: Premium Intel
- Update Type: Query-based
- Parser: Yes
- Time to Install: 10 minutes
- A subscription to Alienware OTX
- Alienware OTX API Key
- Log into the TruSTAR Web App.
- Click the Marketplace icon on the left side icon list.
- Click Premium Intel to view the feeds available.
- Click Subscribe on the Alienware OTX box.
- Enter your Alienvault API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
TruSTAR Report Mapping
The information retrieved from this intelligence source is stored in the Alienvault OTX Enclave using this format.
Name field of JSON response
Example: New Exploit Kit Novidade Found Targeting Home and SOHO Routers)
Encoded value of (id) field of json response
Example: encoded value of (5c0f9568e3307b26b191fe84)
Complete JSON response
Created field of response
Tags in field of response, if present
Client Meta Tag
No reported issues.