Enrichment Tool Quota Details
CTIX integrates with various enrichment tools using API endpoints to fetch information. Each tool uses a different number of API calls to obtain the required information. For example, the IBM X Force enrichment tool makes two API calls and consumes two units of quota to enrich an IP object, whereas the Maxmind enrichment tool makes two API calls and consumes one unit of quota to enrich an IP object.
Based on the number of API calls, CTIX consumes the quota of the enrichment tool. A high number of API calls may result in higher consumption of quota.
For more information about quota, see Define Quota under Configure Enrichment Tools.
Note
If your user account exceeds the daily quota limit, CTIX disables the API access until the next quota is received in the platform. Additionally, the platform discards any leftover intel from the previous batch in case of quota exhaustion.
To understand the number of API calls and quota units consumed by each enrichment tool, refer to the following table:
Enrichment Tool | Feed Enrichment Type | Number of API Calls | Quota Consumed |
|---|---|---|---|
Abuse IPDB | IP | 1 | 1 |
Alien Vault | Domain | 5 | 5 |
Hash | 2 | 2 | |
IP | 6 | 6 | |
URL | 2 | 2 | |
Alphamountain | Domain | 3 | 3 |
IP | 3 | 3 | |
URL | 3 | 3 | |
Apivoid | IP | 1 | 1 |
Domain | 1 | 1 | |
URL | 1 | 1 | |
BlueCoat | IP | 1 | 1 |
Domain | 1 | 1 | |
URL | 1 | 1 | |
Censys | IP | 1 | 1 |
Domain | 1 | 1 | |
Cisco Umbrella | IP | 4 | 4 |
Domain | 6 | 6 | |
URL | 1 | 1 | |
Comodo | IP | 1 | 1 |
Domain | 1 | 1 | |
URL | 1 | 1 | |
Hash | 1 | 1 | |
CVE Details | Vulnerability | 1 | 1 |
CyberSixGill | Vulnerability | 1 | 1 |
DomainTools | Domain | 1 | 1 |
Exploit Database | Vulnerability | 1 | 1 |
Farsight Security | IP | 1 | 1 |
Domain | 1 | 1 | |
Google Safe Browsing | URL | 1 | 1 |
Domain | 1 | 1 | |
GreyNoise - p4 | IP | 3 | 3 |
Vulnerability | 1 | 1 | |
Have I been Pwned | 2 | 2 | |
Domain | 1 | 1 | |
Hybrid Analysis | Hash | 1 | 1 |
IANA Whois | IP | 1 | 1 |
Domain | 1 | 1 | |
IBM X Force | Domain | 2 | 2 |
Vulnerability | 1 | 1 | |
Hash | 1 | 1 | |
IP | 2 | 2 | |
Mandiant V3 | Domain | 1 | 1 |
Vulnerability | 1 | 1 | |
Hash | 1 | 1 | |
IP | 1 | 1 | |
URL | 1 | 1 | |
Mandiant V4 | Domain | 1 | 1 |
Vulnerability | 1 | 1 | |
Hash | 1 | 1 | |
IP | 1 | 1 | |
URL | 1 | 1 | |
Maxmind | IP | 2 | 1 |
MISP | MISP Warning List | 1 | 1 |
Domain | 1 | 1 | |
Hash | 1 | 1 | |
IP | 1 | 1 | |
URL | 1 | 1 | |
MX Toolbox | Domain | 6 | 6 |
IP | 2 | 2 | |
NVD | Vulnerability | 1 | 1 |
Phishtank | URL | 1 | 1 |
PolySwarm | Hash | 1 | 1 |
Recorded Future | IP | 1 | 1 |
Domain | 1 | 1 | |
URL | 1 | 1 | |
Hash | 1 | 1 | |
Vulnerability | 1 | 1 | |
RiskIQ | IP | 11 | 11 |
URL | 11 | 11 | |
Domain | 11 | 11 | |
Shodan | Domain | 1 | 1 |
IP | 1 | 1 | |
SlashNext | IP | 2 | 2 |
Domain | 2 | 2 | |
URL | 1 | 1 | |
Threat Miner | Domain | 6 | 6 |
Hash | 7 | 7 | |
IP | 6 | 6 | |
Virus Total | IP | 1 | 1 |
Domain | 1 | 1 | |
URL | 1 | 1 | |
Hash | 1 | 1 | |
VM Ray | Hash | 1 | 1 |
Zscaler | Domain | 2 | 1 |
URL | 2 | 1 | |
IP | 2 | 1 |