AbuseIPDB
Last updated
Last updated
Abuse IPDB is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
The Dropzone platform integrates with Abuse IPDB to monitor, check and report IP addresses that are involved in malicious activity such as spamming, hack attempts, and DDoS attacks.
Abuse IPDB requires an API key to enable.
To obtain an API Key, do the following:
Navigate to your AbuseIPDB Account at https://www.abuseipdb.com/ and log in
You can create a free AbuseIPDB account with a limited number of checks per day, or you can use a paid account for higher usage limits
In the banner, navigate to "API"
Click on "Create Key" on the right
Give the key a memorable name and click "Create"
Record the access token shown for use later in the Dropzone UI where it is called "API key"
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai
Click System > Integrations
Click "Data Sources" in the top left corner
In the THREAT INTEL section, find the Abuse IPDB tile and click "Connect"
Input the API key
Click "Test & Save" to finish
If you have any errors engage your Dropzone AI support representative.
