Infoblox TIDE leverages highly accurate machine-readable threat intelligence data via a flexible TIDE (Threat Intelligence Data Exchange) to aggregate, curate, and enable distribution of data across a broad range of infrastructure. TIDE enables organizations to ease consumption of threat intelligence from various internal and external sources, and to effectively defend against and quickly respond to cyber threats. TIDE threat indicators are enriched with threat classification, scoring, TTL and is backed by the Infoblox threat intelligence team that normalizes and refines high-quality threat intelligence data feeds.
TIDE collects and manages curated threat intelligence from internal and external sources in a single platform. It enables security operations to remediate threats more rapidly by sharing normalized TIDE data in real time with third-party security systems such as firewalls, SIEM, XDR, TIP, SOAR, etc. By leveraging highly accurate machine-readable threat intelligence (MRTI) data to aggregate and selectively distribute data across a broad range of security infrastructure, the end result is a highly refined feed with a very low historical false-positive rate.
The TIDE API consists of the Data API. The Data API is used to submit and retrieve threat indicators and consists of the following:
- Threat Batch APIs (batch): Used to submit threat indicators and retrieve details about uploaded batches.
- Property APIs (property): Used to retrieve threat properties registered on the Cloud Services Portal.
- Threat APIs (threat): Used to search threat indicators on the Cloud Services Portal.
- Threat Class APIs (threat_class): Used to retrieve threat classes registered on the Infoblox Cloud Services Platform.
Before using the TIDE API, you must verify your account using the Cloud Services Platform’s token authentication service.
The original version of Malware Analysis is being replaced with Malware Analysis Version 3. Infoblox highly recommends customers begin using Malware Analysis Version 3 going forward.
All Python examples provided in this guide were scripted using Python 3.0.
How do I use the API Guides?
How do I create an API key?
What is a data profile?
How do I create a data profile?
How do I submit data?
How do I format the data I submit?
How do I check my data submission status?
How do I search all my data?
How do I view all of my organization's data profiles?
How do I see what RPZ feeds I have access to with my Cloud Services Portal License?
How do I see what data profiles I have access to with my Cloud Services Portal License?
How do I search data in the last X time units?
How Do I Get Infoblox's Current Active Threat Data?
This page has no comments.