THREAT OPS › Threat News › From API key to live threat detections in minutes: how Elastic Security ingests Google Threat Intelligence
From API key to live threat detections in minutes: how Elastic Security ingests Google Threat Intelligence
<p>Elastic Security natively ingests Google Threat Intelligence: known-malicious IPs, domains, URLs, and file hashes matched against your telemetry the moment they appear, each carrying a verdict and a 0–100 threat score. The setup consists of an API key and two data streams, with no extra infrastructure. When an indicator is ambiguous, workflows built on Agent Builder query VirusTotal in real tim
MITRE ATT&CK techniques
- VulnerabilitiesT1588.006