We used to install soltra edge in the old ansible builds (which have thankfully 
now been pared back in the interests of stability in full dev). Soltra has not 
been a good option since they went proprietary, so since then we’ve included 
opentaxii (BSD 3) as a discovery and aggregator. 

Most of the challenges are around licensing. Hippocampe is part of The Hive 
Project, which is AGPL, which is an apache category X license so can’t be 

Mindmeld is much better license-wise (Apache 2) so would be well worth 
community consideration. I kinda like it as a framework, but 

I for one would be very pleased to hear a broader community discussion around 
which platforms we should have integrations with via the threat intel loader, 
or even through a direct to hbase streaming connector. 


> On 14 Feb 2018, at 03:13, Ali Nazemian <alinazem...@gmail.com> wrote:
> Hi All,
> I would like to understand Metron community view on Threat Intel
> aggregators as well as the roadmap of threat intelligence and threat
> hunting. There are some open source options available regarding threat
> intel aggregator such as Minemeld, Hippocampe, etc. Is there any plan to
> build that as a part of Metron in future? Is there any specific aggregator
> you think would be more aligned with Metron roadmap?
> Cheers,
> Ali

Reply via email to