Intelligence Feeds
Access to this feature is not enabled for all accounts by default. Please contact your Customer Success Manager if you are interested in enabling it on your account.
Flare exposes Intelligence Feeds delivered via
TAXII 2
at https://api.flare.io/taxii2/
.
Available Feeds
Feed | TAXII 2 ID |
---|---|
Botnet feed | 0abb06690b0b47e49cd7794396b76b20 |
Domain feed | a34aa0a4f9de419582a883863503f9c4 |
IP feed | baaed2a92335418aa753fe944e13c23a |
Malicious files feed | ee6a153ed77e4ec3ab21e76cc2074b9f |
URL feed | 1d3208c143be49da8130f5a66fd3a0fa |
Feed URLs can be constructed using:
- Format:
https://api.flare.io/taxii2/643f4eb5-f8b7-46a3-a606-6d61d5ce223a/collections/<TAXII 2 ID >/
- Example:
https://api.flare.io/taxii2/643f4eb5-f8b7-46a3-a606-6d61d5ce223a/collections/0abb06690b0b47e49cd7794396b76b20/
Authentication
The intelligence feeds use HTTP Basic Auth, which most TAXII clients support:
- The username should be set to
api-key
. - The password should be your Flare API Key.
Obtaining an API key is documented in the Authentication Guide .
Code Examples
Code examples for connecting to the feeds can be found in this Github repository:
The following example uses taxii2-client
, which is
available on PyPI.
Was this page helpful?