AiStrike Documentation

Mandiant (Google Threat Intelligence)

Enable AiStrike to ingest threat intelligence and vulnerability data from Mandiant Advantage (now Google Threat Intelligence) via API, authenticated with a Key ID and Key Secret.

Prerequisites

  • A Mandiant Advantage / Google Threat Intelligence account with admin permissions to generate API credentials.

  • Access to the Threat Intelligence API.

  • Network connectivity from AiStrike to Mandiant's API endpoints.

Generate API credentials

  1. Log in at advantage.mandiant.com (or GTI via VirusTotal).

  2. Go to Settings → API Access and Keys.

  3. Click Get Key ID and Secret and copy the Key ID and Key Secret.

If you don't see the option to generate keys, request access from your Mandiant administrator.

Connector configuration

Field

Value / Description

API URL

https://api.intelligence.mandiant.com (default)

Google Threat Intelligence API Key

The Key ID generated for GTI

MATI API Key

The Key ID generated for MATI

MATI API Secret

The Key Secret generated for MATI

Maximum Retries

Optional; attempts before marking failure (default 5)

Save and test the connector after entering credentials. Blank fields fall back to defaults.