Hi QRadar community,
I am new to this SIEM solution and through my findings from reading the discussion thread, I have not yet found any ways to publish/ push CTI/IOCs from QRadar to other TIP solution or any external data storage. Most that I found is ways on how to pull IOCs from other TIP solution.
My current use-case is to gather CTI from various endpoints (IDPs,etc) to QRadar and sent over the CTI to another TIP via TAXII server through polling. Is there any way to publish the CTI over TAXII server or I have to resort to integration with other SIEM like MISP?
Appreciate if anyone can point me towards the right direction, as my initial finding have found no clear method on how to implement this solution. Thanks
------------------------------
Luqman Nur
Techlab
------------------------------