Connect Ibm X Force Exchange to AI agents

Connect Ibm X Force Exchange to Claude, Codex, Cursor, or other AI agents for your entire team. Metorial security, governance, observability, and gives your team a unified Magic MCP url to connect.

Supported Tools

lookup_malware

Lookup Malware

Look up malware intelligence by file hash or family name. When querying by hash, returns details about origins, risk level, family classification, and detection coverage. When querying by family name, returns related malware samples. Supports MD5, SHA1, and SHA256 hashes.

search_vulnerabilities

Search Vulnerabilities

Search the X-Force vulnerability database by full-text query, specific identifier (CVE, XFID, BID, RHSA, Microsoft Bulletin), or retrieve recently reported vulnerabilities. Returns vulnerability details including CVSS scores, affected platforms, remediation guidance, and references.

lookup_ip_reputation

Lookup IP Reputation

Look up the threat reputation of an IP address. Returns risk score, geolocation, content categories, and reputation history. Optionally includes associated malware information. Supports IPv4 and IPv6 addresses. Categories include Spam, Malware, Bots, Scanning IPs, Anonymisation Services, and more.

lookup_url_reputation

Lookup URL Reputation

Look up the threat reputation and content categorization of a URL or domain. Returns risk score, content categories, and associated malware. Use this to check if a URL is associated with phishing, malware distribution, or other malicious activity.

manage_collections

Manage Collections

List, search, retrieve, or create threat intelligence collections (case files). Collections are collaborative workspaces for aggregating indicators of compromise (IPs, URLs, malware hashes, vulnerabilities) and contextual notes. Use the **action** field to specify the operation: "list" for your own, "listPublic" for public, "search", "get", or "create".

lookup_app_profile

Lookup App Profile

Look up the risk profile of an internet application (e.g., Facebook, Instagram, Dropbox). Returns application description, content categories, supported actions, risk factors, and associated URLs. You can search by exact application name or do a full-text search to discover applications.

get_threat_reports

Get Threat Reports

List or retrieve IBM X-Force premier threat intelligence reports. Includes Threat Analysis, OSINT Advisory, Malware Analysis, Industry Profile, and Threat Group Profile reports. Reports can be filtered by type and date range. Provide a reportId to get the full report content, or omit it to list/search available reports.

lookup_dns_whois

Lookup DNS & WHOIS

Retrieve DNS records and/or WHOIS registration information for a domain, IP address, or URL. DNS results include A, AAAA, MX, TXT, and other record types. WHOIS results include registrant information, creation/expiration dates, and registrar details.

get_api_usage

Get API Usage

Retrieve your current API usage statistics for IBM X-Force Exchange. Shows consumption details per month for each subscription type, including entitlement limits and current usage counts.

More integrations teams use with Ibm X Force Exchange

GitHub

Manage repositories, issues, and pull requests. Create and configure branches, star repositories, review code, and merge changes. Automate CI/CD workflows with GitHub Actions, manage workflow runs, secrets, and artifacts. Track issues with labels, milestones, and assignees. Search across code, repositories, issues, and users. Manage organizations, teams, and memberships. Create and manage projects, gists, packages, deployments, and environments. Access security alerts including code scanning, secret scanning, and Dependabot alerts. Read and write file contents in repositories. Manage webhooks, notifications, and codespaces.

Sharepoint

Manage SharePoint sites, document libraries, lists, and files. Create, read, update, and delete lists and list items with custom columns. Upload, download, move, copy, and version files in document libraries. Search across sites, files, folders, lists, and list items using Microsoft Search. Manage permissions at site, list, and item levels with granular access control. Define and manage content types and site columns. Subscribe to webhooks for list and library change notifications. Retrieve site properties and search for sites across Microsoft 365.

Salesforce

Manage CRM data including Accounts, Contacts, Leads, Opportunities, Cases, and custom objects. Create, read, update, and delete records. Query data using SOQL and search across objects using SOSL. Perform bulk data operations for large-scale imports, exports, and migrations. Execute composite requests to batch multiple operations in a single API call. Access analytics, reports, and dashboards. Manage files and attachments associated with records. Interact with Chatter feeds, posts, and groups for social collaboration. Subscribe to real-time change events via Change Data Capture and Platform Events. Manage org metadata including custom objects, fields, layouts, and workflows. Query data using GraphQL for precise data retrieval across related objects.

Airtable

Create, read, update, and delete records in Airtable bases and tables. Manage base schemas including creating tables and fields. Filter records using formulas, sort by fields, and scope queries to specific views. Upsert records to find, create, or update in a single call. Upload attachments to records, read and write record comments, list accessible bases, and receive real-time base change events through webhooks.

Bitbucket

Manage Git repositories, pull requests, and CI/CD pipelines on Bitbucket Cloud. Create, fork, and configure repositories within workspaces and projects. Create, review, approve, merge, and decline pull requests with inline code comments. Browse source code, list commits, and manage branches and tags. Track issues with the built-in issue tracker. Trigger, monitor, and manage Bitbucket Pipelines. List workspace members, configure repository default reviewers and branch restrictions, create and manage repository webhooks, and search code across repositories.

Heroku

Deploy, manage, and scale applications on Heroku's cloud platform. Create and configure apps, scale dynos, provision add-ons (databases, caching, etc.), manage configuration variables, build and release code, add custom domains and SSL certificates, manage collaborators and team permissions, configure pipelines for continuous delivery, set up log drains, and sync data with Salesforce via Heroku Connect. Subscribe to webhooks for real-time notifications on app changes, builds, releases, dyno lifecycle events, and more.

Technical notes for Ibm X Force Exchange

Look up threat intelligence for IP addresses, URLs, malware, and vulnerabilities. Retrieve IP reputation scores, URL risk ratings, and malware details by hash or family name. Search the vulnerability database by CVE, XFID, or keywords. Perform DNS and WHOIS lookups. Access curated threat indicator feeds (botnets, phishing, malware, scanning IPs) in JSON, CSV, or STIX format. Create, manage, and share threat intelligence collections (case files) with indicators of compromise. Export data via STIX 2.0/2.1 and TAXII protocols. Browse analyst-curated threat analysis reports, malware analysis reports, threat group profiles, and industry threat profiles. Look up IDS/IPS signatures and internet application risk profiles. Monitor API usage and entitlements.

Connect Ibm X Force Exchange to production AI agents

See how Metorial gives Ibm X Force Exchange access the governance, tracing, and security controls teams need.

Frequently asked questions

Common questions about connecting Ibm X Force Exchange to AI agents with Metorial.

  1. Can Metorial connect Ibm X Force Exchange to AI agents?
    Yes. Metorial connects AI agents to Ibm X Force Exchange through a governed integration layer, so teams can use the provider while keeping access controlled and observable.
  2. Metorial is MCP compatible and lets teams expose approved provider tools to MCP-capable agents and clients through a controlled access layer.
  3. Metorial applies policies across users, groups, providers, agents, and individual tools, then records the context around every agent interaction.
  4. Yes. Metorial records provider activity so teams can inspect tool calls, troubleshoot integrations, and give security teams the visibility they need.