Carbon Black Cloud Threat Intelligence Connector
Project description
Threat Intelligence Connector for Carbon Black Cloud
This is a python project that can be used for ingesting Threat Intelligence from various STIX Feeds. The current supported versions of STIX Feeds are 1.x, 2.0 and 2.1. It supports python >= 3.8
Installation
$ pip install carbon-black-cloud-threat-intelligence-connector
$ cbc-threat-intel --help
Usage: cbc-threat-intel [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
create-feed Creates a feed in CBC
create-watchlist Creates a Watchlist in CBC (from already created feed)
process-file Process and import a single STIX content file into...
process-server Process and import a TAXII Server (2.0/2.1/1.x)
version Shows the version of the connector
Documentation
Visit the developer network of Carbon Black Cloud for more information of how to use the connector.
Developing the connector
We rely on pull requests to keep this project maintained. By participating in this project, you agree to abide by the VMware code of conduct.
Setup
It is recommended to use Python3.8 / Python3.9 version for that project, assuming that you installed the deps with either virtualenv or poetry.
For a good code quality make sure to install the hooks from pre-commit as well.
$ pre-commit install
Installation
Clone the repository
$ git clone https://github.com/carbonblack/carbon-black-cloud-threat-intelligence-connector.git
$ cd carbon-black-cloud-threat-intelligence-connector/
You can install this connector either via Poetry or using the virtualenv.
Using Poetry
You will need to install poetry first.
To install the connector run:
$ poetry install
Using virtualenv
You will need to install virtualenv first.
$ virtualenv venv
...
$ source ./venv/bin/activate
(venv) $ pip install -r requirements.txt
Tests
The tests can be run with the following command:
$ pytest ./tests/unit/
For running the performance tests check out the README
Support
- View all API and integration offerings on the Developer Network along with reference documentation, video tutorials, and how-to guides.
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community.
- Create a github issue for bugs and change requests or create a ticket with Carbon Black Support.
Submitting a PR
It is strongly recommended to have written tests and documentation for your changes before submitting a PR to the project. Make sure to write good commit messages as well.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file carbon-black-cloud-threat-intelligence-connector-1.1.tar.gz.
File metadata
- Download URL: carbon-black-cloud-threat-intelligence-connector-1.1.tar.gz
- Upload date:
- Size: 21.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.0 CPython/3.8.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 89c5425674423df18c3eabbef78896ab6dbc93735f7bc88cccc80117be02d303 |
|
| MD5 | 46650abbdb7f8de8a0b4c0d4360c92db |
|
| BLAKE2b-256 | 2228c2acaa3379754482476123b948af403d70ec00b65e780d8c4cab963bd1d3 |
File details
Details for the file carbon_black_cloud_threat_intelligence_connector-1.1-py3-none-any.whl.
File metadata
- Download URL: carbon_black_cloud_threat_intelligence_connector-1.1-py3-none-any.whl
- Upload date:
- Size: 26.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.0 CPython/3.8.10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | fb127e56d4c110dfee1888d481bc8a8498b0b826ca64828c947e725a0e715f20 |
|
| MD5 | 51d96c7300a8ee135e297c9301cfea3a |
|
| BLAKE2b-256 | b69aaa091cdb431ddcdd2b2c1bc8817db33359d1fc88afe85fc52c10fed3519e |
