Environment
Question
Is there anywhere in the EDR admin console where a list of IOCs or queries used by Threat Intel feeds can be viewed?
Answer
- Navigate to the Threat Intelligence page.
- Locate the specific Threat Feed and click on "Threat Reports >>" at the bottom of the Threat Feed tile.
- A list of threat reports should be visible on the page to browse through, or the search bar at the top can be used to filter the display to specific reports