Recorded Future ASI
Overview
Import Recorded Future Attack Surface Intelligence (ASI) exposure findings into OpenCTI as STIX 2.1 incidents, observables, vulnerabilities, and relationships.
Recorded Future Attack Surface Intelligence (ASI) continuously discovers and prioritizes exposure risks across your organization's internet-facing assets. The platform identifies misconfigurations, vulnerable services, and other attack surface findings with severity scoring, CVE linkage, and remediation guidance.
This connector imports ASI exposure data from a configured project via the ASI API (SecurityTrails v2 for initial sync and v1 for incremental history). Findings are converted to STIX 2.1 and sent to OpenCTI as incidents with linked observables (IPv4/IPv6 addresses, domain names), vulnerabilities (CVEs), and relationships. It supports initial and incremental synchronization, optional severity filtering, cursor-based pagination, and configurable batch limits per run.
Requires a Recorded Future ASI API key and project ID. Have a look at the connector configuration to tailor sync frequency, TLP marking, retry behavior, and severity filters to your use case.