Set up Threat Intelligence Orchestration

In order to use activities within workflows, you must first set up Threat Intelligence Orchestration.

Before you begin

You need a fully populated CMDB with domain names to use Threat Intelligence Orchestration. For more information, see Discovery.

Role required: admin

About this task

Prior to using Threat Intelligence Orchestration, perform steps to set up various parts of the system, including populating the CMDB, configuring the MID Server, and configuring credentials.

Procedure

  1. Activate the Threat Intelligence plugin.
  2. Configure the MID Server.
  3. Configure MID Server service credentials.
    You are now ready to use Threat Intelligence Orchestration activities within a workflow.