This is a python project that can be used for ingesting Threat Intelligence from various STIX Feeds. The current supported versions of STIX Feeds are 1.x, 2.0 and 2.1. It supports python >= 3.8
$ pip install carbon-black-cloud-threat-intelligence-connector
$ cbc-threat-intel --help
Usage: cbc-threat-intel [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
create-feed Creates a feed in CBC
create-watchlist Creates a Watchlist in CBC (from already created feed)
process-file Process and import a single STIX content file into...
process-server Process and import a TAXII Server (2.0/2.1/1.x)
version Shows the version of the connector
Visit the developer network of Carbon Black Cloud for more information of how to use the connector.
We rely on pull requests to keep this project maintained. By participating in this project, you agree to abide by the VMware code of conduct.
It is recommended to use Python3.8 / Python3.9 version for that project, assuming that you installed the deps with either virtualenv or poetry.
For a good code quality make sure to install the hooks from pre-commit
as well.
$ pre-commit install
Clone the repository
$ git clone https://github.com/carbonblack/carbon-black-cloud-threat-intelligence-connector.git
$ cd carbon-black-cloud-threat-intelligence-connector/
You can install this connector either via Poetry or using the virtualenv
.
Using Poetry
You will need to install poetry first.
To install the connector run:
$ poetry install
Using virtualenv
You will need to install virtualenv first.
$ virtualenv venv
...
$ source ./venv/bin/activate
(venv) $ pip install -r requirements.txt
The tests can be run with the following command:
$ pytest ./tests/unit/
For running the performance tests check out the README
- View all API and integration offerings on the Developer Network along with reference documentation, video tutorials, and how-to guides.
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community.
- Create a github issue for bugs and change requests or create a ticket with Carbon Black Support.
It is strongly recommended to have written tests and documentation for your changes before submitting a PR to the project. Make sure to write good commit messages as well.