Google Digital Threat Monitoring (DTM)
Overview
Google Digital Threat Monitoring (DTM) is an external threat intelligence service that continuously monitors the open web, dark web, and other online sources to identify threats targeting your brand, domains, executives, and assets. By providing contextualized alerts and curated intelligence, DTM helps organizations detect and respond quickly to phishing, impersonation, data leakage, and other digital risks.
This connector integrates the Google Digital Threat Monitoring (DTM) service with OpenCTI to bring external digital risk insights directly into your threat intelligence platform.
The connector periodically pulls alerts from the DTM API and ingests each alert into OpenCTI as an Incident. For every Incident, it stores the available context from DTM (threat category, severity, timestamps, sources, and descriptive details) and links all related technical artifacts—indicators and observables like domains, URLs, IP addresses, accounts, and file hashes.
By integrating DTM alerts as Incidents in OpenCTI and attaching their associated observables, the connector provides a structured, centralized view of external digital threats and makes it easier to correlate them with other intelligence feeds and internal security data.