We are excited to announce that Cloudflare Threat Events now supports the STIX2 (Structured Threat Information Expression) format. This was a highly requested feature designed to streamline how security teams consume and act upon our threat intelligence.
By adopting this industry-standard format, you can now integrate Cloudflare’s threat events data more effectively into your existing security ecosystem.
Key benefits
-
Eliminate the need for custom parsers, as STIX2 allows for “out of the box” ingestion into major Threat Intel Platforms (TIPs), SIEMs, and SOAR tools.
-
STIX2 provides a standardized way to represent relationships between indicators, sightings, and threat actors, giving your analysts a clearer picture of the threat landscape.
For technical details on how to query events using this format, please refer to our Threat Events API Documentation.
Source: Cloudflare
Latest Posts
- Amazon Lex launches configurable voice activity detection sensitivity
- Amazon SageMaker HyperPod now validates service quotas before creating clusters on console
- (Updated) Microsoft dark themes for SharePoint sites [MC1187401]
- (Updated) Microsoft Teams: Private channels increased limits and transition to group compliance [MC1134737]
