The ThreatConnect integration with Apache Kafka consists of both a Playbook app and a Service app to facilitate the subscribing and publishing of messages to Apache Kafka data streams. Below are a few examples of what this might be used for:
- Trigger and orchestrate security processes based on messages received on Kafka Topic.
- Send indicators across Kafka Topics for consumption by other security tools or for live data stream monitoring.
This app can be found in the App Catalog under the name: Apache Kafka