The Zvelo connector ingests indicators of compromise (IOCs) from Zvelo Cyber Threat Intelligence Feeds. The connector supports ingestion of the following two data collections:
- Zvelo PhishBlocklist: Phishing threat intelligence data feed
- Zvelo Malicious Detailed Detection: Malicious threat intelligence data feed
The connector ingests the following entities:
- Indicators: Malicious indicators are ingested as Indicators
- Observables: Some related information linked to the malicious IOC is ingested as Observables and linked to the Indicator. Example: IP addresses associated with the malicious indicator (ip_info)
- Malware: When defined, malware families associated with the Indicator are ingested as Malware and associated with the Indicator
API documentation: https://docs.zvelo.io.