AbuseIPDB IP Checker Integration
AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the Internet. It is a public database of reported attacks from sysadmins and webmasters across the globe. With this module, you can scan AbuseIPDB's database for reports of attacks for a given IP.
Configure AbuseIPDB IP Checker Integration
-
In the Cisco XDR navigation menu, choose Administration > Integrations.
-
On the Integrations page, click the Third-Party tab and navigate to the AbuseIPDB IP Checker integration.
-
Click the plus sign (+) in the lower-right corner of the card. The AbuseIPDB IP Checker integration page is displayed.
-
Expand the Integration Guide area and follow the instructions on how to add the AbuseIPDB IP Checker integration in Cisco XDR.
What's Next
You can perform the following tasks after you integrate AbuseIPDB IP Checker with Cisco XDR:
-
Investigations - Start a new investigation into IP addresses and the results will include any records of them found in your AbuseIPDB IP Checker. To verify that this integration is working, and to see what kind of data is returned, investigate one of more observables about which you know AbuseIPDB IP Checker has recent information. For details, see Investigate.