Enabling Open Threat Exchange (AV-OTX) in Alienvault


The Alienvault website has several posts about Open Threat Exchange but I wasn’t able to find instructions on how to enable it. Eventually I found the option hidden away in the advanced menu.

Here’s how to set it up:

1. Open the OSSIM web interface and click on the Configuration menu then Main

2. Select the Advanced tab and then select Open Threat Exchange

3. Select Yes from the dropdown to contribute to OTX

4. Click on the activation link. This takes you to the Alienvault website.

5. Fill out the form and submit it.

6. You’ll then get an email from Alienvault with a confirmation link. Click it and you will get a page saying that you’ve activated OTX.

7. Now go back to the OSSIM page and click on the Send Now button. This evaluates the threats your system has picked up and it will then show you a page like this one:

8. Click Send Now to send the details to Alienvault so they can be distributed to others.

Advertisements
Tagged , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: