Enable AiStrike to ingest threat intelligence and vulnerability data from Mandiant Advantage (now Google Threat Intelligence) via API, authenticated with a Key ID and Key Secret.
Prerequisites
-
A Mandiant Advantage / Google Threat Intelligence account with admin permissions to generate API credentials.
-
Access to the Threat Intelligence API.
-
Network connectivity from AiStrike to Mandiant's API endpoints.
Generate API credentials
-
Log in at advantage.mandiant.com (or GTI via VirusTotal).
-
Go to Settings → API Access and Keys.
-
Click Get Key ID and Secret and copy the Key ID and Key Secret.
If you don't see the option to generate keys, request access from your Mandiant administrator.
Connector configuration
|
Field |
Value / Description |
|---|---|
|
API URL |
|
|
Google Threat Intelligence API Key |
The Key ID generated for GTI |
|
MATI API Key |
The Key ID generated for MATI |
|
MATI API Secret |
The Key Secret generated for MATI |
|
Maximum Retries |
Optional; attempts before marking failure (default 5) |
Save and test the connector after entering credentials. Blank fields fall back to defaults.