Blueliv Threat Context Integration
Written by Ali Murtaza
Updated over a week ago

About Blueliv

Blueliv leverages its remarkably targeted and automated cyber threat platform to deliver live, rapid, and actionable intelligence. Blueliv’s Threat Context improves the SOC’s overall performance by augmenting the data for SOC analysts.

SIRP integrates with Blueliv’s Threat Context to enrich artifacts and accelerate threat response. Strategic intelligence helps SOC analysts not only evade but also anticipate threats.

Analysts can use this integration to search for specific artifacts seen or reported by Blueliv.

Supported Actions

SIRP’s Blueliv Threat Context integration app allows you to execute the following actions:

| S.no | Action | Description |
|------|--------|-------------|
| 1 | Search CVE | Get CVE details from Blueliv |
| 2 | Search Fully Qualified Domain Name | Search for any records against the given FQDN in the Blueliv Threat Context database |
| 3 | Search IP | Get IP reputational information from Blueliv Threat Context |
| 4 | Search SHA-256 | Get Hash reputational information from Blueliv Threat Context |
| 5 | Search Threat Actors | Get data from the Blueliv database related to the given Threat actor |

Enable and Configure the Blueliv App in SIRP

  • Log in to SIRP, then go to Apps from the left navigation bar.

  • Locate the app named Blueliv (threat context).

  • Enable the Blueliv app by clicking on the toggle button.

  • A new window will pop up asking for information such as:

Host: <The Blueliv platform’s URL>

Email: <Your email address used to log in to Blueliv>

Password: <Your password used to log in to Blueliv>

Organization ID: <Organization ID from Blueliv>

  • Click Save.

After the integration is complete, you should be able to execute Blueliv app actions from any Container (Incidents, Vulnerabilities, Threat Intel), from a Playbook, or from the Automation playground.

Simply select the Application “Threat Context” and then select the desired action. For example, if you click on a hash, you can search that hash in Blueliv’s Threat Context database.
