Anomali ThreatStream - Recorded Future Alerts: Getting Started

Updated

Table of Contents

Introduction

The Recorded Future Alert Feed for Anomali ThreatStream enhances alert management by delivering Recorded Future alert details directly into ThreatStream as incidents via a dedicated feed. It enables efficient triaging of both Classic and Playbook Alerts with full contextual details, provides insights into trending Intelligence Goals Library (IGL) data, and allows documentation of historical credential leaks, ensuring better-informed decisions and streamlined workflows.

Prerequisites

  • Contact Support to get a Recorded Future API Key 
  • Note: Recorded Future alerts available to ThreatStream are based on Recorded Future Module access. You must be licensed for specific modules to have certain Playbook Alerts and Classic Alerts fed into Anomali: Threat, Brand, Identity, Vulnerability
  • You must be running Anomali Cloud

Installation Steps

  1. Go to the Anomali TS App Store and search for ‘Recorded Future’
  2. Click the Recorded Future Alert Feed App and Install
  3. Input your Recorded Future Anomali Feeds Token under ‘Credentials’ and click ‘Activate’

Support

For more information, please contact support at support@recordedfuture.com

This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section