logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

EDR: Which IOCs or queries are included in a specific Threat Intel feed?

EDR: Which IOCs or queries are included in a specific Threat Intel feed?

Environment

  • EDR Server: All versions

Question

Is there anywhere in the EDR admin console where a list of IOCs or queries used by Threat Intel feeds can be viewed?

Answer

  1. Navigate to the Threat Intelligence page.
  2. Locate the specific Threat Feed and click on "Threat Reports >>" at the bottom of the Threat Feed tile.
  3. A list of threat reports should be visible on the page to browse through, or the search bar at the top can be used to filter the display to specific reports

Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎10-20-2023
Views:
115
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.