Interpres Application - OpenCTI

Type: SIEM/Data Lake
Vendor OpenCTI
Open CTI is a database of campaigns
Vendor setup
Have a valid account and navigate to your dashboard. At the top right click on the Profile icon then > Profile. Scroll down to "API access". All that's required for access is the API Key that's shown.
Roles and permissions can be adjusted from the Settings tab on the left. So far it seems a "Default" role with the "Access knowledge" Capabilities should be enough. This is subject to testing and any additional functionality added lated on. As such, a unique "Interpres API Connector" user can be created with its unique API Key and assigned the role and permissions detailed above.
Copy the link from the dashboard (only up through the hostname e.g. http://opencti.dev.security) and pass it in as the base url.
App Configuration
App Parameters:
Base URL: Base URL
API Key: API Key
proxy: Proxy Settings. Example: 'https://proxy.example.com:8443'. Optional.
App Validation
Check there is connectivity (green light) in the integration created.
Implemented Actions
Get Campaigns: Returns a list of campaigns.
Get Uploaded Campaigns: Returns a list of uploaded campaigns.
﻿

Did this page help you?

Interpres Application - Okta

Interpres Application - OpenText Endpoint Security