THREATOPS
THREAT OPSThreat News › From API key to live threat detections in minutes: how Elastic Security ingests Google Threat Intelligence

From API key to live threat detections in minutes: how Elastic Security ingests Google Threat Intelligence

infoelastic_securityPublished 2026-06-02

<p>Elastic Security natively ingests Google Threat Intelligence: known-malicious IPs, domains, URLs, and file hashes matched against your telemetry the moment they appear, each carrying a verdict and a 0–100 threat score. The setup consists of an API key and two data streams, with no extra infrastructure. When an indicator is ambiguous, workflows built on Agent Builder query VirusTotal in real tim

MITRE ATT&CK techniques

Original source: https://www.elastic.co/security-labs/elastic-security-google-threat-intelligence