IBM QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls
------------------------------

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

Hello Scott,

Thank you for your input. Does the FS-ISAC TI feeds requires certificate ?

Regards,


------------------------------
benjamin Nworah
------------------------------

Original Message:
Sent: Fri February 26, 2021 10:19 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

Original Message:
Sent: 2/26/2021 11:23:00 AM
From: benjamin Nworah
Subject: RE: FSISAC threat intelligence Feed with QRadar

Hello Scott,

Thank you for your input. Does the FS-ISAC TI feeds requires certificate ?

Regards,


------------------------------
benjamin Nworah
------------------------------

Original Message:
Sent: Fri February 26, 2021 10:19 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

Hello Experts,

I am trying to integrate with a third party TAXII Server, I received the error as seen below. 

Do i need to permit the TAXII Endpoint https://taxii.fsisac.com/ctixapi/taxii/ on my firewall?
Please how can i troubleshoot this issue.?

Thank You.

------------------------------
benjamin Nworah
------------------------------

Original Message:
Sent: Thu March 04, 2021 11:57 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

Hello, 

I'm sorry, I am not sure how to answer that.  

Wish you well.

Regards,

Scott Searls

Original Message:
Sent: 2/26/2021 11:23:00 AM
From: benjamin Nworah
Subject: RE: FSISAC threat intelligence Feed with QRadar

Hello Scott,

Thank you for your input. Does the FS-ISAC TI feeds requires certificate ?

Regards,


------------------------------
benjamin Nworah

Original Message:
Sent: Fri February 26, 2021 10:19 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

It would appear that is the case.  I would suspect you have a firewall deny for that communication in your log activity tab.

------------------------------
Scott Searls
------------------------------

Original Message:
Sent: Wed March 10, 2021 04:10 PM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I am trying to integrate with a third party TAXII Server, I received the error as seen below. 

Do i need to permit the TAXII Endpoint https://taxii.fsisac.com/ctixapi/taxii/ on my firewall?
Please how can i troubleshoot this issue.?

Thank You.

------------------------------
benjamin Nworah

Original Message:
Sent: Thu March 04, 2021 11:57 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

Hello, 

I'm sorry, I am not sure how to answer that.  

Wish you well.

Regards,

Scott Searls

Original Message:
Sent: 2/26/2021 11:23:00 AM
From: benjamin Nworah
Subject: RE: FSISAC threat intelligence Feed with QRadar

Hello Scott,

Thank you for your input. Does the FS-ISAC TI feeds requires certificate ?

Regards,


------------------------------
benjamin Nworah

Original Message:
Sent: Fri February 26, 2021 10:19 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

Hello Scot,

I will inform the client to permit the TAXII endpoint on their Firewall, and see if this works.

Thank You.

------------------------------
benjamin Nworah
------------------------------

Original Message:
Sent: Wed March 10, 2021 04:29 PM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

It would appear that is the case.  I would suspect you have a firewall deny for that communication in your log activity tab.

------------------------------
Scott Searls

Original Message:
Sent: Wed March 10, 2021 04:10 PM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I am trying to integrate with a third party TAXII Server, I received the error as seen below. 

Do i need to permit the TAXII Endpoint https://taxii.fsisac.com/ctixapi/taxii/ on my firewall?
Please how can i troubleshoot this issue.?

Thank You.

------------------------------
benjamin Nworah

Original Message:
Sent: Thu March 04, 2021 11:57 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

Hello, 

I'm sorry, I am not sure how to answer that.  

Wish you well.

Regards,

Scott Searls

Original Message:
Sent: 2/26/2021 11:23:00 AM
From: benjamin Nworah
Subject: RE: FSISAC threat intelligence Feed with QRadar

Hello Scott,

Thank you for your input. Does the FS-ISAC TI feeds requires certificate ?

Regards,


------------------------------
benjamin Nworah

Original Message:
Sent: Fri February 26, 2021 10:19 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------

Hi,

I'm looking for a similar integration. Is this method working?

Thank you,

Abdulsk

------------------------------
Abdulsaleem sk
------------------------------

Original Message:
Sent: Wed March 10, 2021 04:42 PM
From: benlinux
Subject: FSISAC threat intelligence Feed with QRadar

Hello Scot,

I will inform the client to permit the TAXII endpoint on their Firewall, and see if this works.

Thank You.

------------------------------
benjamin Nworah

Original Message:
Sent: Wed March 10, 2021 04:29 PM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

It would appear that is the case.  I would suspect you have a firewall deny for that communication in your log activity tab.

------------------------------
Scott Searls

Original Message:
Sent: Wed March 10, 2021 04:10 PM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I am trying to integrate with a third party TAXII Server, I received the error as seen below. 

Do i need to permit the TAXII Endpoint https://taxii.fsisac.com/ctixapi/taxii/ on my firewall?
Please how can i troubleshoot this issue.?

Thank You.

------------------------------
benjamin Nworah

Original Message:
Sent: Thu March 04, 2021 11:57 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

Hello, 

I'm sorry, I am not sure how to answer that.  

Wish you well.

Regards,

Scott Searls

Original Message:
Sent: 2/26/2021 11:23:00 AM
From: benjamin Nworah
Subject: RE: FSISAC threat intelligence Feed with QRadar

Hello Scott,

Thank you for your input. Does the FS-ISAC TI feeds requires certificate ?

Regards,


------------------------------
benjamin Nworah

Original Message:
Sent: Fri February 26, 2021 10:19 AM
From: Scott Searls
Subject: FSISAC threat intelligence Feed with QRadar

I integrated the MS-ISAC feed using the Threat APP which add STIX and TAXXI ability to QRadar.  Get an API key from FS-ISAC.

------------------------------
Scott Searls

Original Message:
Sent: Thu February 25, 2021 11:18 AM
From: benjamin Nworah
Subject: FSISAC threat intelligence Feed with QRadar

Hello Experts,

I want to feed FS-ISAC Threat intelligence feeds into QRadar, Please has anyone successfully done this.?

I saw a previous post on this.

https://www.ibm.com/mysupport/s/question/0D50z00005q4Lg5CAE/threat-intelligence-fsisac-feed-error?language=en_US

Kindly assist with steps or any links to get this done.
Regards,

------------------------------
benjamin Nworah
------------------------------