Threat Intelligence Integration Guideline for Security Engineers

Introduction

This guideline walks you through the process of enriching LogRhythm SIEM with Threat Intelligence Feeds from Maltiverse Community TAXII Server, improving detection capabilities and helping to spotlight contacts with malicious IPs, Domains, URLs, or file hashes.

Integration Steps

Step 1

Register with Maltiverse and validate your email.

Step 3

  • Threat Provider Name: Maltiverse
  • TAXII Collection Endpoint: https://api.maltiverse.com/taxii2/api/collections/
  • Username: Your Email
  • Password: Your Password
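To see what a collection configured this way delivers, the sketch below sorts the indicators in a TAXII objects response into the IoC kinds named in the introduction (IPs, domains, URLs, file hashes). It is an added example, not Maltiverse or LogRhythm code. It assumes the collection returns STIX 2.x indicators with STIX patterns; the sample response and the names `SAMPLE`, `COMPARISON`, `KIND` and `extract_iocs` are constructed for illustration.

```python
import json
import re
from collections import defaultdict

# Constructed sample (not real feed output): the "objects" list of a TAXII
# envelope / STIX bundle. Addresses and names use reserved documentation ranges.
SAMPLE = json.dumps({"objects": [
    {"type": "indicator", "pattern_type": "stix",
     "pattern": "[ipv4-addr:value = '198.51.100.7']"},
    {"type": "indicator", "pattern_type": "stix",
     "pattern": "[domain-name:value = 'Bad.example' OR "
                "url:value = 'http://bad.example/a.exe']"},
    {"type": "indicator",  # STIX 2.0 style: no pattern_type, STIX is implied
     "pattern": "[file:hashes.'SHA-256' = '" + "AB" * 32 + "']"},
    {"type": "indicator", "pattern_type": "snort",
     "pattern": "alert tcp any any -> any any (msg:'constructed';)"},
    {"type": "identity", "name": "constructed producer"},
]})

# One equality test inside a STIX pattern: <object-type>:<path> = '<value>'
COMPARISON = re.compile(r"([a-z0-9-]+):([\w.'-]+)\s*=\s*'((?:[^'\\]|\\.)*)'")
KIND = {"ipv4-addr": "ip", "ipv6-addr": "ip", "domain-name": "domain",
        "url": "url", "file": "hash"}

def extract_iocs(envelope_text):
    """Return {kind: sorted values} for the STIX indicators in the response."""
    found = defaultdict(set)
    for obj in json.loads(envelope_text).get("objects", []):
        if obj.get("type") != "indicator":
            continue  # identities, relationships, etc. carry no pattern
        if obj.get("pattern_type", "stix") != "stix":
            continue  # e.g. snort or yara rules need their own handling
        for obj_type, path, value in COMPARISON.findall(obj.get("pattern", "")):
            kind = KIND.get(obj_type)
            wanted = path.startswith("hashes.") if kind == "hash" else path == "value"
            if kind is None or not wanted:
                continue
            value = value.replace("\\'", "'").replace("\\\\", "\\")
            # Domains and hashes are case-insensitive; URLs and IPs are kept as-is.
            found[kind].add(value.lower() if kind in ("domain", "hash") else value)
    return {kind: sorted(values) for kind, values in found.items()}

if __name__ == "__main__":
    for kind, values in extract_iocs(SAMPLE).items():
        print(kind, values)
```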

Cybercrime Feed

Covers the most active and prolific threats used by organized cybercrime. It includes IoCs from diverse malware families at their different stages.

APT Feed

Covers actionable intelligence on advanced persistent threats (APTs) to help organizations protect themselves from highly skilled targeted attacks, including Nation-State actors.

Phishing Feed

80% of all security incidents start with a phishing email. Stay in shape by integrating the most complete phishing feed worldwide.

Malware Distribution Feed

This feed is a collection of IPs, Hostnames and URLs that are actively distributing malware. It improves the chances of detecting a security incident when an attack advances to the next stage.

Malicious URLs Feed

Covers malicious URLs, excluding phishing.

Malicious Hostnames Feed

A collection of malicious hostnames, excluding those generated by Domain Generation Algorithms.

Benefit: Stop Attacks faster

The Lockheed Martin Cyber Kill Chain® model is a strategic framework that identifies and combats cyber intrusions in seven stages. Adopting Threat Intelligence helps identify and mitigate threats at an early stage, which can significantly decrease the potential impact on businesses.

CTA Trusted Members

Maltiverse is made by security experts with many years of experience protecting organizations, to make threat intelligence adoption a piece of cake. We share and consume Threat Intelligence from the top players in the Cybersecurity Industry as members of the Cyber Threat Alliance.
