About AlienVault OTX

AlienVault OTX is a community of open-access threat intelligence experts formally collaborating and sharing salient, timely, and accurate information about past, ongoing, and impending cyber-attacks on a common cloud-based platform.

SIRP integrates with AlienVault OTX to enrich the artifacts by getting the information from the AlienVault OTX platform. These actions can also be used in the playbooks to take remedial actions (e.g. blocking an IP that is tagged as Malicious by AlienVault)

Supported Actions

SIRP’s AlienVault integration app allows you to execute the following actions:





Get URL Information

Get URL’s reputation and details


Get IP Information

Get IP’s reputation and details


Get Domain Information

Get domain’s reputation and details


Get Hostname Information

Get hostname details


Get Hash Information

Get hash’s reputation and details


Get Pulses

Ingest pulses from AlienVault OTX

Enable and Configure AlienVault OTX App

Getting Credentials

Follow these steps to get your OTX API key:

  • Either create a new account or log in using https://otx.alienvault.com

  • Click on the API integration tab and copy the API key for usage.

Configure SIRP Application

  • Log in to SIRP, then go to Apps from the left navigation bar.

  • Locate the AlienVault app.

  • Enable the AlienVault app by clicking on the toggle button.

  • A new window will pop-up asking for information such as API Key.

  • Paste the API key procured from AlienVault OTX and click Save.

AlienVault OTX In Action

Once the integration between SIRP and AlienVault is complete, you can execute all the supported actions. For example, click on a hash then select AlienVault > get_hash_otx_info

Once the action is successfully executed, the information on the hash will be available to the user.

Did this answer your question?