IBM X-Force

IBM X-Force Exchange is a cloud-based threat intelligence sharing platform enabling users to rapidly research the latest security threats.

Integration with LogicHub

Connecting with IBM X-Force

To connect to IBM X-Force following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • API Key: The API key to connect to the IBM X-Force.
  • Secret Key: Secret Key For X-Force.

Actions with IBM X-Force

Get Malware for IP

Returns the malware associated with the given IP.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Column Name: Column name from parent table containing an IP address.

Output of Action
JSON containing the following items:

  • has_error: True/False
  • error: message/null
{
   "has_error": true,
   "error": "Empty input."
}

Get Malware for URL

Returns the malware associated with the given URL.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Column Name: Column name from parent table containing URL.
  • Additional Risk Categories: Additional X-Force URL categories to treat as high risk (separated by commas).

Output of Action
JSON containing the following items:

  • has_error: True/False
  • error: message/null
{
   "has_error": true,
   "error": "Empty input."
}

Get URL Summary and Score

Returns a brief summary and an overall risk score for a given URL.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Column Name: Column name from parent table containing URL.

Output of Action
JSON containing the following items:

  • has_error: True/False
  • error: message/null
{
   "has_error": true,
   "error": "Empty input."
}

Get Malware for File Hash

Returns the malware associated with the given File Hash.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Column Name: Column name from parent table containing File Hash.

Output of Action
JSON containing the following items:

  • has_error: True/False
  • error: message/null
{
   "has_error": true,
   "error": "Empty input."
}

Did this page help you?