Polarity: Getting Started

Updated

Table of Contents

Introduction

The Polarity integration with Recorded Future searches the Recorded Future API for threat information on associated indicators. Allowing analysts to have the power of Recorded Future's vast threat intelligence no matter what application they are looking at, enabling better data awareness and recall.

Partner Website: https://polarity.io/integrations/recorded-future/

Prerequisites

  • Recorded Future Connect API Token
  • Minimum Score: This option allows analysts to set a minimum score to be notified on indicators within Recorded Future. If an indicator has a risk score of 30 and the minimum score is set to 35 the analyst will not be notified by Polarity on the indicator.
  • Ignore List or Ignore Regex: Recorded Future Integration enables the ability to set a regex to match domains or ips to be ignored or add in a comma separated list, so the integration will never look them up in Flashpoint. This is typically used for sensitive information or company domains.

Installation Steps

All Polarity Integrations are installed in a similar manner. You can install integrations by either downloading a tar archive from the GitHub releases page of the integration you are interested in, or by using Git to clone the repo to your server.

In the instructions below we have provided example commands that you will need to modify depending on which integration you are installing. You'll need to modify the following variables when you run the example commands:

  • ${integration_version} : The version of the integration you are trying to install (e.g., “1.0.1-beta”, “0.0.1”, “2.0.0”, etc.)
  • ${integration_name}: The name of the integration you are trying to install. For example, “virustotal”, “google-maps”, “crits”, etc. Note that the name of the integration will match the name of the repository in GitHub.

Installing Integrations via Git Clone

  1. Navigate to the integrations folder on your Polarity Server:
cd /app/polarity-server/integrations
  1. Generally, you will want to clone the latest release of the integration using the following command:
git clone https://github.com/polarityio/${integration_name}.git 
  1. E.g. to clone the latest RecordedFuture integration you would use the following command:
git clone https://github.com/polarityio/recorded-future.git
  1. If you are looking to install a specific version you can do that as well:
git clone --branch ${integration_version} https://github.com/polarityio/${integration_name}.git 

Once the repo has been cloned onto your server, change into the integration directory:

cd ${integration-name}

Use npm to install the integration’s dependencies

npm install

Ensure the integration directory is owned by the polarityd user

chown -R polarityd:polarityd /app/polarity-server/integrations

Restart your Polarity-Server

service polarityd restart

The integration is now installed and you can use the Integrations page in Polarity-Web to configure integration specific options. Please see the README.md file of the installed integration for details about integration specific options.

Support

For integration support please contact info@polarity.io.

This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more