Smarter Object Correlation in ThreatQ: ACE Parser Now Links Existing Objects Automatically
Product Area: ThreatQ Intelligence Platform → Integrations
Release Version: ThreatQ v6.13.0
Audience: Threat Intel Analysts, Integrators, Platform Admins
Last Updated: November 2, 2025
Overview
The ACE parser in ThreatQ just got smarter.
With the latest v6.13.0 update, the ACE parser now automatically links to existing system objects in your Threat Library — reducing duplicates, preserving context, and improving enrichment accuracy across integrations.
What’s New
-
Automatic Linking:
The ACE parser now detects existing Threat Library objects and links them instead of creating duplicates.
-
Exact Name Matching:
Matches are case-insensitive and based on exact object names — for example, Sad Panda, SadPanda, and Sad-Panda all match.
-
Configurable Behavior:
Matching behavior respects your TQO action configuration — you can define which object types to parse or exclude.
-
ACE-only Object Exception:
Objects sourced exclusively from ACE are excluded from keyword matching to prevent false correlations.
Why It Matters
This enhancement delivers:
-
Cleaner data by reducing duplicate objects.
-
Higher automation accuracy in parsing and enrichment workflows.
-
Improved integration performance for large-volume data feeds.
Learn More
📘 Visit the ThreatQ Help Center for details on ACE parser configuration and integration workflows.
💡 Try the new ACE parser capabilities in ThreatQ v6.13.0 and share your feedback in the comments — we’d love to hear how these improvements streamline your enrichment workflows!