Click the Add secret button to create a new secret. This resource is used to store credentials of your Kaspersky Threat Intelligence Portal account.
The secret window is displayed.
Enter information about the secret:
In the Name field, choose a name for the added secret.
In the Tenant drop-down list, select the tenant that will own the created resource.
In the Type drop-down list, select ktl.
In the User and Password fields, enter credentials for your Kaspersky Threat Intelligence Portal account.
If you want, enter a Description of the secret.
Upload your Kaspersky Threat Intelligence Portal certificate key:
Click the Upload PFX button and select the PFX file with your certificate.
The name of the selected file appears to the right of the Upload PFX button.
Enter the password to the PFX file in the PFX password field.
Click Save.
The Kaspersky Threat Intelligence Portal account credentials are now saved and can be used in other KUMA resources.
In the Settings section of the KUMA web interface, open the Kaspersky Threat Lookup tab.
The list of available connections will be displayed.
Make sure the Disabled check box is cleared.
In the Secret drop-down list, select the secret you created before.
You can create a new secret by clicking the button with the plus sign. The created secret will be saved in the Resources → Secrets section.
If necessary, select a proxy server in the Proxy drop-down list.
Click Save.
After you save the settings, log in to the web interface and accept the Terms of Use. Otherwise, an error will be returned in the API.
The integration process of Kaspersky Threat Intelligence Portal with KUMA is completed.
Once Kaspersky Threat Intelligence Portal and KUMA are integrated, you can request additional information from the event details area about hosts, domains, URLs, IP addresses, and file hashes (MD5, SHA1, SHA256).