**The latest version 1.3 is now updated to use campaign information from STIX/TAXII server.**
**This package is now updated to use an open-source STIX/TAXII server as a source to collect and normalize threat data.**
This package populates, displays, and monitors the Threat Model, which is used to detect and contextualize potential malicious activity based on intelligence derived from a site-specific mix of threat intelligence sources. This package uses the open-source Collective Intelligence Framework (CIF) to collect and normalize threat data from open source, proprietary, and internal sources.
User cases supported by this package include:
**NEW** Please note, this update does not require a new download of the L1 Threat Intelligence package. Please follow the instructions to update the solution for STIX/TAXII here: https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/L1ThreatIntelligence#a_41_STIX_47TAXII
This version is able to collect:
For more detail, please visit https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/L1ThreatIntelligence
• Active Base - Version 126.96.36.199 and later.
Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.
Fix bugs related to suspicious file hash use case.
Ability to collect campaign information from STIX/TAXII and use it in content.
Added file hash use case to this package.
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox