What is your favorite threat intelligence feed to use with Graylog?

Personally I have tried OTX, but I was quickly blocked by the API cap of 10K per hour.

I am currently looking into writing a script that updates a local CSV (on the GL server) with a list of malicious IPs/Domains, then let pipelines do the parsing.

I wonder if others can share their experience in this space ? What threat intelligence source worked well for you in GL ?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.