Group-IB

The OpenCTI Group-IB Connector is a standalone Python process that collect data from Threat Intelligence via API calls and push it as STIX objects to OpenCTI server. It is a system for cyber-attack analysis and attribution, threat hunting, and network infrastructure protection based on data about adversary tactics, tools, and activities. TI combines unique data sources and experience in investigating high-tech crimes and responding to complex, multi-stage attacks worldwide. The system stores data on threat actors, domains, IPs, and infrastructure collected over the past 22 years, including those that criminals have attempted to take down. To use the integration, please ensure that you have an active Threat Intelligence license to access the interface and that it covers the API endpoints you wish to reach. Documentation can be found here - https://tap.group-ib.com/hc/api?scope=integrations&q=en%2FIntegrations%2FCollections%20Info%2FCollections%20Details%2FCollections%20Details