- 24 Mar 2025
- 1 Minute to read
- Print
- DarkLight
ThreatX WAF
- Updated on 24 Mar 2025
- 1 Minute to read
- Print
- DarkLight
The ThreatX Web Application Firewall (WAF) protects web applications and API’s from a wide range of cyber threats. It combines behavioral analysis, threat intelligence, and machine learning to deliver comprehensive protection against known and emerging threats.
For detailed information, please refer to the ThreatX’s official documentation.
Integration Method: API
Tables: HTTP Activity (4002), Detection Finding (2004)
This integration supports the following events.
Event | Description |
---|---|
Block Event | Get list of Block Event logs. |
Match Event | Get list of Match Event logs. |
This integration supports the following versions.
ThreatX API version | v1 |
Note:
ThreatX WAF doesn’t follow a traditional versioning system. Instead, it is a continuously updated cloud service.
Prerequisites
The user should have access to ThreatX WAF.
The user should have access to the DataBee console.
Configuration Overview
Create an API Key with required permissions to fetch the data.
Create ThreatX WAF Data Feed in the DataBee console with the required Client credentials.
DataBee Parameter
ThreatX Parameter
Secret Key
API Key
ThreatX Configuration
Login to ThreatX WAF.
From the left side bar, navigate to Settings > API KEYS.
Click on Add API Key.
In the “Create New API” Key window:
Enter the ‘Name’ and ‘Description’ for the API Key.
Add ‘Assigned User’.
Check the box for ‘Enabled’, then click on Save.
The API key is generated. Make sure to copy and store it securely, then click OK.
Note:
Make sure to copy and save API Key as it will not be shown again.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the ThreatX WAF and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Token Url Auth
API Base URL: this is the base URL that DataBee will interact with.
Token URL: this is the URL that DataBee will interact with to fetch the token.
Secret Key: paste the API Key generated earlier.
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you are facing an unauthorized or forbidden error, it might be due to incorrect credentials. Please ensure that the API Key is pasted correctly. Since the API Key cannot be viewed after the first time, re-create the API Key, paste it into a text editor to verify that there are no spaces or unexpected characters, and then reconfigure the DataBee feed.