Threatscore Integration

Threatscore by Cyberprotect is based on NICKI - New Intelligence for Cyber-threat Knowledge for Inter-connectivity.

  • Every day, we process a little over a billion events.

  • We rely on a team of experts who are first and foremost cybersecurity enthusiasts.

  • Our knowledge of cyber threats is based on the high quality and diversity of brains and information we have in our lab.

  • Our engine has the ability to inter-connect with a wide range of equipment. This makes it possible to offer everyone the opportunity to optimize their cybersecurity in an efficient and unrestricted way.

  1. In the Cisco XDR navigation menu, choose Administration > Integrations.

  2. On the Integrations page, click the Third-Party tab and navigate to the Threatscore integration.

  3. Click the plus sign (+) in the lower-right corner of the card. The Threatscore integration page is displayed.

  4. Expand the Integration Guide area and follow the instructions on how to add the Threatscore integration in Cisco XDR.

You can perform the following tasks after you integrate Threatscore with Cisco XDR:

  • Investigations - Start a new investigation into any combination of IP addresses, IPv6 addresses, domains, and the results will include any records of them found in your Threatscore. To verify that this integration is working, and to see what kind of data is returned, investigate one of more observables about which you know Threatscore has recent information. For details, see Investigate.