ESET Threat Intelligence and Stellar Cyber
Stellar Cyber's Threat Intelligence Platform helps users find and respond to cyber threats by collecting and analyzing data from different sources in one place.
Adding custom feeds, including ESET Threat Intelligence data feeds, to Stellar Cyber's Threat Intelligence Platform enables users to bring in threat data of their choice, which can help detect targeted attacks, provide more context about threats, help analysts understand risks faster and make informed decisions.
Custom feeds can be ingested into Stellar Cyber's Threat Intelligence Platform using the Trusted Automated eXchange of Intelligence Information (TAXII) format, the framework for transmitting threat intelligence data.
How to add ESET Threat Intelligence data feeds to Stellar Cyber's Threat Intelligence Platform
If you are a user of the ESET Threat Intelligence Portal and would like to ingest ESET Threat Intelligence data feeds into Stellar Cyber's Threat Intelligence Platform, follow the steps below:
1. Ensure you have generated TAXII credentials and activated the desired data feeds. The detailed guide on how to activate data feeds and generate TAXII credentials is available on the ESET Threat Intelligence Portal Online Help page.
2. Configure feeds and add ESET Threat Intelligence data feeds as custom feeds to Stellar Cyber's Threat Intelligence Platform using the Configuring Feeds in the Threat Intelligence Platform article. Provide the following details on the Stellar Cyber side:
• Category—The category of your feed; select TAXII.
• Name—The name of your feed
• Collection URL—The URL of the data feed collection you would like to ingest; the list of collections and collection URLs is available on the ESET Threat Intelligence Portal Data Feeds Online Help page.
• Username and Password—Your TAXII credentials, the username and password to access data feeds
• Polling Frequency—Indicates how often the platform checks and retrieves new data from integrated threat intelligence feeds; for example, one hour
• Backfill days—Indicates how many days of historical data the platform retrieves when a new threat intelligence feed is integrated; for example, two days
• Retention Period—Indicates how long the collected data is stored within the platform; for example, two or more days
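Before saving the feed, the same values can be checked outside the platform. The following is an added example, not ESET or Stellar Cyber code: it builds the first poll a TAXII client would issue from the Collection URL, Username, Password and Backfill days fields. It assumes the collection is served over TAXII 2.1 with HTTP Basic authentication; the function name `build_poll_request` and the host in the sample URL are hypothetical placeholders.

```python
import base64
from datetime import datetime, timedelta, timezone
from urllib.parse import urlencode, urlsplit
from urllib.request import Request

TAXII21 = "application/taxii+json;version=2.1"  # TAXII 2.1 media type


def build_poll_request(collection_url, username, password, backfill_days, now=None):
    """Build, without sending, the first poll for a TAXII 2.1 collection."""
    parts = urlsplit(collection_url)
    # Basic auth resends the credentials on every poll: refuse cleartext HTTP.
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("collection URL must be an https:// URL")
    # Credentials belong in the Username and Password fields, not in the URL.
    if parts.username or parts.password:
        raise ValueError("remove credentials embedded in the collection URL")
    if "/collections/" not in parts.path or parts.query or parts.fragment:
        raise ValueError("expected a bare .../collections/<id>/ URL")
    if not isinstance(backfill_days, int) or backfill_days < 0:
        raise ValueError("backfill days must be a non-negative integer")

    # Backfill days becomes the TAXII 'added_after' filter (UTC timestamp).
    now = now or datetime.now(timezone.utc)
    since = (now - timedelta(days=backfill_days)).astimezone(timezone.utc)
    query = urlencode({"added_after": since.strftime("%Y-%m-%dT%H:%M:%SZ")})
    url = collection_url.rstrip("/") + "/objects/?" + query

    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    return Request(url, headers={"Accept": TAXII21,
                                 "Authorization": "Basic " + token})


if __name__ == "__main__":
    # Constructed placeholder values; substitute the collection URL and
    # TAXII credentials taken from the ESET Threat Intelligence Portal.
    req = build_poll_request(
        "https://taxii.example.invalid/taxii2/root/collections/0000/",
        "user", "pw", backfill_days=2)
    print(req.full_url)
```

Passing the returned request to `urllib.request.urlopen` sends the poll; an HTTP 401 or 403 response at that point indicates a problem with the credentials or feed access rather than with the Stellar Cyber configuration.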