Introduction
This integration between Recorded Future and Filigran’s OpenCTI empowers cybersecurity teams by embedding real-time threat intelligence into OpenCTI. The integration has 2 components - Enrichment Connector and Recorded Future Connector.
Prerequisites
To proceed further with the installation, you need the following:
-
- Recorded Future API Token
- Docker Files for the Connector(s)
Installation Steps
Before building the Docker container, you need to set the version of pycti in requirements.txt equal to whatever version of OpenCTI you're running. Example, pycti==5.12.20. If you don't, it will take the latest version, but sometimes the OpenCTI SDK fails to initialize.
Build a Docker Image using the provided Dockerfile.
# Replace the IMAGE NAME with the appropriate value
docker build . -t [IMAGE NAME]:latest
Make sure to replace the environment variables in docker-compose.yml with the appropriate configurations for your environment. Then, start the docker container with the provided docker-compose.yml
docker compose up -d
# -d for detached
Support
For more information, please reach out to OpenCTI support.