Integrations

IDSTower

IDSTower can use the VulnCheck Initial Access Intelligence API as a source of Suricata rules.

Setup Instructions

The following instructions were developed against IDSTower 2.7.2.

  1. Log into the VulnCheck Dashboard and click on User Icon > Tokens.
  2. Click Create Token to generate a VulnCheck new token to use with IDSTower.
  3. Log into the IDSTower Dashboard and click on Settings in the left-hand side menu.
  4. On the Settings > feeds page, click the Add New Feed button on the right.
    Settings view
  5. Set the Feed URL to https://api.vulncheck.com/v3/rules/initial-access/suricata?token=vulncheck_TOKEN where vulncheck_TOKEN is the token you created in Step 2.
    Add New Feed
  6. Click the Verify Connection button. This should transition you to the following screen with a message indicating that the connection was succesful. Click Add Feed.
    Test Connection
  7. There should now be a VulnCheck drop down in the Settings > Feeds tab, likely as the last entry. Click the Update button.
    Successfully added feed
  8. The VulnCheck Suricata rules should now be available in the Rules Management view.
    Successfully added feed

Microsoft Power BI

Microsoft Power BI can leverage VulnCheck KEV API as an intelligence source for Known Exploited Vulnerabilities. Include timely evidence of CVE exploitation such as software vendor, products, reference articles and VulnCheck XDB links in your PowerBI applications.

Tines

Monitor emerging threats and build automations into your vulnerability management workflow using VulnCheck and Tines.