Help Center
Go back to application
Help Center
Go back to application
Platform Fundamentals
Getting Started
Account Management
User Management
Asset Management
Asset Basics
Assets Operations
Asset Customization
Vulnerability Management
Vulnerability Basics
Vulnerability Operations
Vulnerability Organization
Bulk Updating Vulnerability Custom Fields Using CSVConfiguring Threat IntelConfigure your SLA policyVulnerabilities ViewsVulnerabilities View FoldersVulnerabilities Custom CSV Export
Integrations & Connectors
Credential Management
Connector Setup
Synchronization
Scanning and Assesssment
Scanning Operations
Security Analysis
Workflow Configuration
Engagemet Management
Enagagement Basic
Enagagement Operations
Pentesting as a Service
PTaaS Basics
Vulnerability Submission
Task Management
Task Basics
Task Automation
Reporting and Documentation
Reports
Documentation

Configuring Threat Intel

Strobes allows you to enrich your vulnerability data using Threat Intelligence (TI), helping you associate real-world risk context to each vulnerability. This empowers better prioritization and decision-making during remediation.

 Default Threat Intelligence: XO Intel

By default, Strobes comes integrated with XO Intel, our in-house threat intelligence engine. XO Intel is:

  • Built by the Strobes team
  • Continuously updated
  • Free to use with all accounts
  • Automatically enabled—no configuration required

XO Intel provides real-time risk enrichment based on:

  • CVE severity trends
  • Exploitation in the wild
  • Affected assets in global attack campaigns
  • Ransomware mentions, and more

 Using Third-Party Threat Intelligence Sources

If your organization uses or prefers a third-party TI provider, Strobes supports easy integration with services like:

  • Intel Graph
  • Other external TI APIs

 Important Note:

You can configure only one Threat Intelligence provider at a time. You must choose either XO Intel or your preferred third-party TI source.

 How to Configure a Third-Party Threat Intelligence Integration

To set up a custom Threat Intelligence provider, follow these steps:

Step 1: Access Threat Intelligence Settings

  1. Navigate to the Settings section in your Strobes dashboard.
  2. Click on Threat Intelligence Configuration.

Step 2: Choose Your Provider

  1. Select the third-party threat intelligence provider from the list.
  2. If your provider isn't listed, choose Custom API.

Step 3: Input Required Credentials

  • API Key: Enter the API key or token provided by your threat intelligence provider.
  • Query Frequency: Set how often Strobes should fetch data (e.g., hourly, every 6 hours, daily).
  •  Be sure to comply with the provider's rate limits to avoid service disruptions.

Step 4: Test the Integration

  • Click on Test Connection to verify the setup.
  • If the connection is successful, you’ll receive a confirmation message.

Step 5: Save and Apply

  • Click Save Changes.
  • Your threat intelligence integration will now go live.
  • Strobes will begin enriching vulnerabilities using the newly configured data source.

 Best Practices

  • Use XO Intel if you want real-time threat context without extra cost or configuration.
  • Switch to third-party TI only if your organization has specific intelligence sources it trusts more or already subscribes to.
  • Review enrichment results regularly to ensure you're getting meaningful context on vulnerabilities.

Was this article helpful?

Powered by Product Fruits