IBM X-Force
This document explains how to set up and use IBM X-Force with TruSTAR Station.
IBM X-Force Exchange is a cloud-based threat intelligence sharing platform enabling users to rapidly research the latest security threats, aggregate actionable intelligence and collaborate with peers. Supported by human- and machine-generated intelligence, the Exchange leverages the scale of IBM X-Force to help users stay ahead of emerging threats
- Time to Install: 10 minutes
- Type of Feed: Automatic updates
- Update Frequency: 15 minutes
- Intel Type: Premium
Data Types
The integration pulls the following observables:
- IP
- URL
- MD5
- SHA1
- SHA256
Requirements
- A subscription to IBM X-Force
- IBM X-Force API Key
Getting Started
- Log into TruSTAR Station.
- Click the Marketplace icon on the left side icon list.
- Choose Closed Sources.
- Click Subscribe on the IBM X-Force box.
- Enter your IBM X-Force API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
TruSTAR Report Mapping
Field | Explanation |
Report Title | <IOC Type> <IOC Value> |
External ID | Encoded value of (<IOC Type> <IOC Value>) |
Report Body | Full json response |
Time Begun | FirstSeen field of response Example: 2010-04-27T12:46:51.000Z |
Tags | |
Deeplink | |
Client Type | PYTHON SDK |
Client Meta Tag | trustash |
Known Issues
No reported issues.