Integrations

IDSTower

IDSTower can use the VulnCheck Initial Access Intelligence API as a source of Suricata rules.

Setup Instructions

The following instructions were developed against IDSTower 2.7.2.

  1. Log into the VulnCheck Dashboard and click on User Icon > Tokens.
  2. Click Create Token to generate a VulnCheck new token to use with IDSTower.
  3. Log into the IDSTower Dashboard and click on Settings in the left-hand side menu.
  4. On the Settings > feeds page, click the Add New Feed button on the right.
    Settings view
  5. Set the Feed URL to https://api.vulncheck.com/v3/rules/initial-access/suricata?token=vulncheck_TOKEN where vulncheck_TOKEN is the token you created in Step 2.
    Add New Feed
  6. Click the Verify Connection button. This should transition you to the following screen with a message indicating that the connection was succesful. Click Add Feed.
    Test Connection
  7. There should now be a VulnCheck drop down in the Settings > Feeds tab, likely as the last entry. Click the Update button.
    Successfully added feed
  8. The VulnCheck Suricata rules should now be available in the Rules Management view.
    Successfully added feed

Microsoft Power BI

Tines