From the course: Complete Guide to Open Source Security
Join today to access over 24,800 courses taught by industry experts.
Connecting threat intelligence sources to OpenCTI
From the course: Complete Guide to Open Source Security
Connecting threat intelligence sources to OpenCTI
- [Instructor] We've now got OpenCTI loaded and can connect using HTTP on port 8080. And we log in with the user ID admin at opencti.io, which is the default in the YAML file and our password that we set. And we sign in. We're at the main screen for OpenCTI and we can see we have no entities loaded. To start connecting threat intelligence sources, we need to go to our Portainer console. We've logged into Portainer so we can connect to local, stacks and OpenCTI. To connect to threat intelligence source, we need to add its container definition to our configuration. So we'll click editor and scroll down to the bottom of the configuration. We need to add some source YAML definitions in here. A handy source for these is the OpenCTI connectors page. Let's start with the OpenCTI connector. We'll open the external import folder, external import, and scroll down to OpenCTI and we'll find a docker compose YAML file. And if we open that, we've got the definition that we need for our connector…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.