Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Infoblox TIDE Solution Integrations

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
Infoblox TIDE/Dossier Service over DXL
[ Edited ]
Adviser
Posts: 171
Registered: ‎09-09-2015
Adviser
Posts: 81

OpenDXL lets developers join an adaptive system of interconnected services that communicate and share information to make real-time, accurate security decisions. OpenDXL leverages the Data Exchange Layer (DXL), which many vendors and enterprises already utilize, and delivers a simple, open path for integrating security technologies regardless of vendor.

 

Designed to improve the context of analysis, shorten workflows of the threat defense lifecycle, reduce complexities across security products and vendors, and increase the value of previously deployed applications, OpenDXL enables unprecedented collaboration in an open, real-time system. By attaching to a common application framework, each participant enters into a unified ecosystem, one that gains value and capability as the network effect activates.

 

Initially DXL was developed and solely used by McAfee products. OpenDXL allows anyone to develop (and share) integrations with the DXL fabric using "OpenDXL" clients and servers.

 

The ActiveTrust DXL service exposes access to the Infoblox TIDE/Dossier API via the Data Exchange Layer (DXL) fabric.

The supported topics:

  • /infoblox/activetrust/tide
  • /infoblox/activetrust/tide_lookup
  • /infoblox/activetrust/dossier
  • /infoblox/activetrust/dossier_lookup

/infoblox/activetrust/dossier and /infoblox/activetrust/tide topics provide AS-IS access to the Infoblox Dossier and TIDE APIs. Please refer ActiveTrust documentation regarding requests formats.

/infoblox/activetrust/dossier_lookup and /infoblox/activetrust/tide_lookup topics provide simplified access to the ActiveTrust Dossier and TIDE APIs. Please refer Requests to the service page for the details.

 

ActiveTrustDXL service is available on GitHub and Docker Hub

 

ActiveTrustDXL.png

 

Vadim

Showing results for 
Search instead for 
Did you mean: