Pulsedive Integration

Pulsedive threat intelligence offers a community platform that scans, enriches, and scores millions of indicators of compromise, setting the foundation for powerful threat investigation and research capabilities. Register for a free account and API key to access the intelligence sourced and contextualized from dozens of feeds and submitted by users all over the world.

Additionally, leverage Pulsedive to run passive or active scans on any indicator, investigate shared threat properties and attributes, and pull related threat news / summaries from the web.

Retrieve Indicator Data

  • Risk scores and risk factors

  • Registration timeline

  • Source feeds and comments

  • Associated threats

  • Ports and protocols

  • Web technologies

  • WHOIS registration

  • Location data

  • DNS records

  • Query strings

  • HTTP headers

  • SSL certificate metadata

  • Cookies

  • Meta tags

  • Mail servers

  • Redirects

  • Related domains and urls

Retrieve Threat Data

  • Related news

  • Comments

  • Risky properties

  • Source feeds

  • Indicators

Retrieve Feed Data

  • Name and organization

  • Threats

  • Indicators

Explore (Search) Our Database

  • Create queries using almost any data point(s) to pivot across indicators, threats, or feeds.

Scan Indicators

  • Perform passive or active scans of hosts to retrieve live data on-demand.

  1. In the Cisco XDR navigation menu, choose Administration > Integrations.

  2. On the Integrations page, click the Third-Party tab and navigate to the Pulsedive integration.

  3. Click the plus sign (+) in the lower-right corner of the card. The Pulsedive integration page is displayed.

  4. Expand the Integration Guide area and follow the instructions on how to add the Pulsedive integration in Cisco XDR.

You can perform the following tasks after you integrate Pulsedive with Cisco XDR:

  • Investigations - Start a new investigation into any combination of IP addresses, domains, IPv6 addresses, URLs, and the results will include any records of them found in your Pulsedive. To verify that this integration is working, and to see what kind of data is returned, investigate one of more observables about which you know Pulsedive has recent information. For details, see Investigate.