Release Notes 3.6.3.2

January 15, 2024

We are excited to introduce you to the latest version of Intel Exchange v3.6.3.2. This release includes enhancements and integrations.

X (Twitter) Feed Source (New)

You can now integrate X (Twitter) as a feed source in Intel Exchange, allowing real-time monitoring of cyber threat intelligence. Stay updated on emerging threats, IOCs, and vulnerabilities from this dynamic social platform, all within Intel Exchange. For more information, see X (Twitter) Feeds.

Custom Attributes (Enhanced)

In Custom Entities Management, you can now add multi-select custom attributes, allowing for more flexible categorization of threat data. For more information, see Custom Attributes.

Integrations

The following integrations are introduced with this release:

  • Hunt.io (API Feed Source): Hunt.io integrates with Intel Exchange to provide actionable threat intelligence by tracking malicious infrastructure across the internet. For more information, see Hunt.io.

  • Microsoft Defender Threat Intelligence (Enrichment Tool): Microsoft Defender Threat Intelligence delivers critical insights into IPs, domains, and vulnerabilities that help you gain deeper context about cyber threats. For more information, see Microsoft Defender Threat Intelligence.

  • Microsoft Defender for Endpoint (Internal App): Microsoft Defender for Endpoint is a threat protection platform designed to safeguard enterprise networks by detecting, investigating, and mitigating security breaches efficiently. For more information, see Microsoft Defender for Endpoint.

  • Google BigQuery (Internal Application): Google BigQuery can be used to retrieve indicators of compromise that are ingested and analyzed on Intel Exchange. The retrieved IOCs are added to the BigQuery data tables for further processing. For more information, see Google BigQuery.

  • VulnCheck Community: VulnCheck provides intelligence about known exploited vulnerabilities (KEV), enabling security analysts to make informed decisions to remediate vulnerabilities. For more information, see VulnCheck Community.

  • VulnCheck Premium: VulnCheck Premium allows you to retrieve feeds about vulnerabilities, threat actors, IP addresses, and malware. This feed source requires a premium subscription to VulnCheck. For more information, see VulnCheck Premium.

The following integrations are enhanced with this release:

  • Dragos (API Feed Source): Dragos retrieves threat data feeds related to industrial control systems (ICS). This integration has been revamped to improve its functionality and performance. For more information, see Dragos WorldView.

  • GreyNoise (Enrichment Tool): GreyNoise provides intelligence about exploits and vulnerabilities, enabling security analysts to make informed decisions to remediate vulnerabilities. For more information, see GreyNoise.

  • Microsoft Sentinel (Internal Application): This integration is enhanced with a new indicator operation, Create or Update, which updates the details of an indicator if it already exists in Microsoft Sentinel and creates the indicator if it does not. For more information, see Microsoft Sentinel.