Explore OpenCTI or OpenAEV platform with 30 days Free Trial!
XTM Hub by FiligranSign In
Cofense ThreatHQ logo

Cofense ThreatHQ

Commercial Threat Intel
Email Security
Adversary & Campaign Insights

Overview

Cofense ThreatHQ connector imports phishing campaign reports, malware indicators, and associated observables from Cofense's phishing-focused threat intelligence platform.

Cofense is a leader in email security, providing phishing detection and response solutions powered by threat intelligence from over 35 million Cofense-trained employees who actively report suspected phishing threats in real-time.

Cofense ThreatHQ is a specialized phishing threat detection, analysis, and management platform that provides real-time monitoring of IOCs linked to phishing attacks. This connector retrieves intelligence reports from the ThreatHQ API and converts them into STIX 2.1 objects for import into OpenCTI.

Supported indicator types:

  • URLs, Domain Names, IPv4 Addresses
  • Files (with MD5, SHA-1, SHA-256, SHA-512 hashes)
  • Email Messages (subjects)
  • Targeted sectors (NAICS codes)
  • PDF report attachments

Basic information

Cofense ThreatHQ
Connectors
External import
6.8.13
0

    We use cookies to make the XTM Hub work, understand how it's used, and improve your experience. Strictly necessary cookies are always on. With your consent, we also use optional cookies for functionality, performance and analytics, and marketing. You can accept all, reject all, or choose which optional cookies to allow. You can change your preferences at any time via "Cookie settings". See our Cookie Policy for more information.