Juniper Networks X-Force Integration
Juniper Networks X-Force security experts use a series of international data centers to collect tens of thousands of malware samples, analyze web pages and URLs, and run analysis to categorize potentially malicious IP addresses and URLs. X-Force Exchange is the platform for sharing this data, which can be used in JSA.
X-Force Threat Intelligence Feed
You can integrate X-Force Exchange data into JSA to help your organization stay ahead of emerging threats by identifying and remediating undesirable activity in your environment before it threatens the stability of your network.
For example, you can identify and prioritize these types of incidents:
A series of attempted logins for a dynamic range of IP addresses
An anonymous proxy connection to a Business Partner portal
A connection between an internal endpoint and a known botnet command and control
Communication between an endpoint and a known malware distribution site
X-Force integration allows you to use the X-Force Threat Intelligence data in JSA correlation rules and AQL queries. Access to the X-Force Exchange REST API is not included.