About TIDE

The integration provides functionality using TIDE data.

Infoblox Dossier™ and TIDE uses highly accurate machine-readable threat intelligence data via a flexible Threat Intelligence Data Exchange (TIDE) to aggregate, curate, and enable distribution of data across a broad range of infrastructures. TIDE enables organizations to ease consumption of threat intelligence from various internal and external sources, and to effectively defend against and quickly respond to cyberthreats. TIDE is backed by the Infoblox threat intelligence team that normalizes and refines high-quality threat intelligence data feeds.

The integration enables advanced enrichment of indicators using TIDE data. Hover the mouse over indicators to see the most recent TIDE threat data for that indicator. You can also right-click on any indicator to open it in the CSP in a new tab. Lastly, via a dedicated Infoblox TIDE Search tab within QRadar, you can search for indicators right in QRadar without having to go to the CSP. 

To use these features, you must enter a valid TIDE API key on the Infoblox Cloud configuration page. This is NOT required to use the other features of the integration. They will still work without an API key.