Managing IoCs and IoC Feeds

You can manage IoCs globally in two ways:

  • Individual Management - SOC teams actively search for incidents or suspicious events and manually adds IoCs to enforce globally.

  • Integration with 3rd Party IoC feeds - Connect to an IoC feed your SOC team is subscribed to. This integration automatically enforces all IoCs received from the feed for your AvananAdministrator Portal.

For information about managing IoCs and IoC feeds, see Check Point IoC Administration Guide.

Note:

Avanan supports these type of IoCs through IoC Management:

  • URL

  • Domain

  • File Hash (MD5, SHA1, and SHA256)